svn commit: r368676 - head/usr.sbin/jls

2020-12-15 Thread Jamie Gritton
Author: jamie
Date: Tue Dec 15 20:56:35 2020
New Revision: 368676
URL: https://svnweb.freebsd.org/changeset/base/368676

Log:
  Bugfix to not hide jailparam flags, which for example changes the output
  "vnet=2" to the less opaque "vnet=inherit"
  
  Reported by:  kevans
  MFC after:5 days

Modified:
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Tue Dec 15 20:02:40 2020(r368675)
+++ head/usr.sbin/jls/jls.c Tue Dec 15 20:56:35 2020(r368676)
@@ -323,7 +323,7 @@ add_param(const char *name, void *value, size_t valuel
}
xo_errx(1, "%s", jail_errmsg);
}
-   param->jp_flags = flags;
+   param->jp_flags |= flags;
return param - params;
 }
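Review bot: The `param->jp_flags |= flags;` line needs a one-line comment saying why the flags are OR-ed in, since a later cleanup could easily turn it back into a plain assignment and hide the flags again. Something like `/* Keep the flags already set on the parameter (they select "vnet=inherit" over "vnet=2"); only add the caller's. */` would do. Which call populated jp_flags is not visible, because add_param() starts outside the hunk, so the wording should be checked against the code above it.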
 


svn commit: r364970 - head/sys/sys

2020-08-29 Thread Jamie Gritton
Author: jamie
Date: Sat Aug 29 22:24:41 2020
New Revision: 364970
URL: https://svnweb.freebsd.org/changeset/base/364970

Log:
  Add __BEGIN_DECLS to jail.h to keep C++ happy.
  
  PR:   238928
  Reported by:  yuri@

Modified:
  head/sys/sys/jail.h

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Sat Aug 29 22:09:36 2020(r364969)
+++ head/sys/sys/jail.h Sat Aug 29 22:24:41 2020(r364970)
@@ -110,11 +110,13 @@ struct xprison {
 
 struct iovec;
 
+__BEGIN_DECLS
 int jail(struct jail *);
 int jail_set(struct iovec *, unsigned int, int);
 int jail_get(struct iovec *, unsigned int, int);
 int jail_attach(int);
 int jail_remove(int);
+__END_DECLS
 
 #else /* _KERNEL */
 


svn commit: r364874 - head/usr.sbin/jail

2020-08-27 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 27 17:04:55 2020
New Revision: 364874
URL: https://svnweb.freebsd.org/changeset/base/364874

Log:
  Disregard jails in jail.conf that have bad parameters (parameter/variable
  clash, or redefining name/jid).  The current behavior, of merely warning
  and moving on, can lead to unexpected behavior when a jail is created
  without the offending parameter defined at all.

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Aug 27 16:36:07 2020(r364873)
+++ head/usr.sbin/jail/config.c Thu Aug 27 17:04:55 2020(r364874)
@@ -369,11 +369,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e
if ((flags ^ dp->flags) & PF_VAR) {
jail_warnx(j, "variable \"$%s\" cannot have the same "
"name as a parameter.", name);
+   j->flags |= JF_FAILED;
return;
}
if (dp->flags & PF_IMMUTABLE) {
jail_warnx(j, "cannot redefine parameter \"%s\".",
dp->name);
+   j->flags |= JF_FAILED;
return;
}
if (strcmp(dp->name, name)) {
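Review bot: The pair `jail_warnx(...)` followed by `j->flags |= JF_FAILED;` is now repeated at every rejection in add_param() (twice in this hunk, once more in the second hunk of this commit), so a rejection path added later can forget the flag and fall back to warn-and-continue. Per the commit log, that old behaviour ends with a jail created without the offending parameter, which matters most when the dropped parameter was a restriction. A small static helper that warns and sets the flag would keep the paths aligned, or at least a comment at the top of add_param() such as `/* Every rejection must set JF_FAILED so the jail is not created from a partial config. */`. Whether every caller checks JF_FAILED before creating the jail is not visible in these hunks and is worth confirming.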
@@ -405,6 +407,7 @@ add_param(struct cfjail *j, const struct cfparam *p, e
"cannot have the same "
"name as a parameter.",
name);
+   j->flags |= JF_FAILED;
return;
}
j->intparams[ipnum] = np;


svn commit: r364850 - head/usr.sbin/jail

2020-08-26 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 27 00:17:17 2020
New Revision: 364850
URL: https://svnweb.freebsd.org/changeset/base/364850

Log:
  Don't allow jail.conf variables to have the same names as jail parameters.
  It was already not allowed in many cases, but crashed instead of giving an
  error.
  
  PR:   248444

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Wed Aug 26 23:41:46 2020(r364849)
+++ head/usr.sbin/jail/config.c Thu Aug 27 00:17:17 2020(r364850)
@@ -366,8 +366,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e
break;
if (dp != NULL) {
/* Found it - append or replace. */
+   if ((flags ^ dp->flags) & PF_VAR) {
+   jail_warnx(j, "variable \"$%s\" cannot have the same "
+   "name as a parameter.", name);
+   return;
+   }
if (dp->flags & PF_IMMUTABLE) {
-   jail_warnx(j, "cannot redefine variable \"%s\".",
+   jail_warnx(j, "cannot redefine parameter \"%s\".",
dp->name);
return;
}
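Review bot: The test `(flags ^ dp->flags) & PF_VAR` is terse: it fires when exactly one of the new entry and the existing entry is a variable, and that deserves a short comment, e.g. `/* A name may be a variable or a parameter, not both. */`. Both early returns in this hunk only warn, so at this revision the jail is still processed without the rejected entry. The callers are outside the hunk, so it should be checked whether that can produce a jail that is missing a restriction the administrator intended.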
@@ -394,6 +399,14 @@ add_param(struct cfjail *j, const struct cfparam *p, e
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
equalopts(name, intparams[ipnum].name)) {
+   if (flags & PF_VAR) {
+   jail_warnx(j,
+   "variable \"$%s\" "
+   "cannot have the same "
+   "name as a parameter.",
+   name);
+   return;
+   }
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;


svn commit: r364828 - head/usr.sbin/jail

2020-08-26 Thread Jamie Gritton
Author: jamie
Date: Wed Aug 26 18:35:32 2020
New Revision: 364828
URL: https://svnweb.freebsd.org/changeset/base/364828

Log:
  Back out r364791 to unbreak jails.  Lesson learned: "compile and test" means
  running the test on the same executable that you just compiled.
  
  PR:   248444
  Pointy hat to:jamie

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Wed Aug 26 17:52:32 2020(r364827)
+++ head/usr.sbin/jail/config.c Wed Aug 26 18:35:32 2020(r364828)
@@ -393,8 +393,7 @@ add_param(struct cfjail *j, const struct cfparam *p, e
else
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
-   equalopts(name, intparams[ipnum].name) &&
-   !(p->flags & PF_VAR)) {
+   equalopts(name, intparams[ipnum].name)) {
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;


svn commit: r364791 - head/usr.sbin/jail

2020-08-25 Thread Jamie Gritton
Author: jamie
Date: Wed Aug 26 00:42:59 2020
New Revision: 364791
URL: https://svnweb.freebsd.org/changeset/base/364791

Log:
  Handle jail.conf variables that have the same names as parameters.
  
  PR:   248444
  Submitted by: Akos Somfai
  Reported by:  Markus Stoff

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Wed Aug 26 00:31:59 2020(r364790)
+++ head/usr.sbin/jail/config.c Wed Aug 26 00:42:59 2020(r364791)
@@ -393,7 +393,8 @@ add_param(struct cfjail *j, const struct cfparam *p, e
else
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
-   equalopts(name, intparams[ipnum].name)) {
+   equalopts(name, intparams[ipnum].name) &&
+   !(p->flags & PF_VAR)) {
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;


svn commit: r341084 - in head: sys/kern sys/sys usr.sbin/jail

2018-11-27 Thread Jamie Gritton
Author: jamie
Date: Tue Nov 27 17:51:50 2018
New Revision: 341084
URL: https://svnweb.freebsd.org/changeset/base/341084

Log:
  In hardened systems, where the security.bsd.unprivileged_proc_debug sysctl
  node is set, allow setting security.bsd.unprivileged_proc_debug per-jail.
  In part, this is needed to create jails in which the Address Sanitizer
  (ASAN) fully works as ASAN utilizes libkvm to inspect the virtual address
  space. Instead of having to allow unprivileged process debugging for the
  entire system, allow setting it on a per-jail basis.
  
  The sysctl node is still security.bsd.unprivileged_proc_debug and the
  jail(8) param is allow.unprivileged_proc_debug. The sysctl code is now a
  sysctl proc rather than a sysctl int. This allows us to determine setting
  the flag for the corresponding jail (or prison0).
  
  As part of the change, the dynamic allow.* API needed to be modified to
  take into account pr_allow flags which may now be disabled in prison0.
  This prevents conflicts with new pr_allow flags (like that of vmm(4)) that
  are added (and removed) dynamically.
  
  Also teach the jail creation KPI to allow differences for certain pr_allow
  flags between the parent and child jail. This can happen when unprivileged
  process debugging is disabled in the parent prison, but enabled in the
  child.
  
  Submitted by: Shawn Webb 
  Obtained from:HardenedBSD (45b3625edba0f73b3e3890b1ec3d0d1e95fd47e1, 
deba0b5078cef0faae43cbdafed3035b16587afc, 
ab21eeb3b4c72f2500987c96ff603ccf3b6e7de8)
  Relnotes: yes
  Sponsored by: HardenedBSD and G2, Inc
  Differential Revision:https://reviews.freebsd.org/D18319

Modified:
  head/sys/kern/kern_jail.c
  head/sys/kern/kern_priv.c
  head/sys/kern/kern_prot.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Nov 27 17:10:00 2018(r341083)
+++ head/sys/kern/kern_jail.c   Tue Nov 27 17:51:50 2018(r341084)
@@ -194,10 +194,14 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = 
{"allow.reserved_ports", "allow.noreserved_ports",
 PR_ALLOW_RESERVED_PORTS},
{"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF},
+   {"allow.unprivileged_proc_debug", "allow.nounprivileged_proc_debug",
+PR_ALLOW_UNPRIV_DEBUG},
 };
 const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
 
-#defineJAIL_DEFAULT_ALLOW  (PR_ALLOW_SET_HOSTNAME | 
PR_ALLOW_RESERVED_PORTS)
+#defineJAIL_DEFAULT_ALLOW  (PR_ALLOW_SET_HOSTNAME | \
+PR_ALLOW_RESERVED_PORTS | \
+PR_ALLOW_UNPRIV_DEBUG)
 #defineJAIL_DEFAULT_ENFORCE_STATFS 2
 #defineJAIL_DEFAULT_DEVFS_RSNUM0
 static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW;
@@ -498,6 +502,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
int ip6s, redo_ip6;
 #endif
uint64_t pr_allow, ch_allow, pr_flags, ch_flags;
+   uint64_t pr_allow_diff;
unsigned tallow;
char numbuf[12];
 
@@ -1530,7 +1535,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
}
}
}
-   if (pr_allow & ~ppr->pr_allow) {
+   pr_allow_diff = pr_allow & ~ppr->pr_allow;
+   if (pr_allow_diff & ~PR_ALLOW_DIFFERENCES) {
error = EPERM;
goto done_deref_locked;
}
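Review bot: The new `pr_allow_diff & ~PR_ALLOW_DIFFERENCES` test relaxes the rule that a child jail's pr_allow is a subset of its parent's, and nothing at this site says why that is safe. PR_ALLOW_DIFFERENCES is defined outside this hunk (jail.h is in the changed-file list but not shown), so every bit placed in that mask becomes a permission a jail can grant to a child without holding it itself. I would add a comment here such as `/* Only the bits in PR_ALLOW_DIFFERENCES may exceed the parent's set; keep that mask minimal. */`. It is also worth confirming that the code which narrows children when a parent's pr_allow shrinks treats these bits the same way on purpose. kern_jail_set() starts and ends outside the hunk.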
@@ -3783,6 +3789,8 @@ SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT 
 "B", "Jail may bind sockets to reserved ports");
 SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW,
 "B", "Jail may read the kernel message buffer");
+SYSCTL_JAIL_PARAM(_allow, unprivileged_proc_debug, CTLTYPE_INT | CTLFLAG_RW,
+"B", "Unprivileged processes may use process debugging facilities");
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,
@@ -3834,10 +3842,16 @@ prison_add_allow(const char *prefix, const char *name,
 * Find a free bit in prison0's pr_allow, failing if there are none
 * (which shouldn't happen as long as we keep track of how many
 * potential dynamic flags exist).
+*
+* Due to per-jail unprivileged process debugging support
+* using pr_allow, also verify against PR_ALLOW_ALL_STATIC.
+* prison0 may have unprivileged process debugging unset.
 */
for (allow_flag = 1;; allow_flag <<= 1) {
if (allow_flag == 0)
goto no_add;
+   if (allow_flag & PR_ALLOW_ALL_STATIC)
+   continue;
if ((prison0.pr_allow & allow_flag) == 0)
break;
}
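Review bot: The skip `if (allow_flag & PR_ALLOW_ALL_STATIC) continue;` is only as reliable as the mask. A static PR_ALLOW_* bit added later without being folded into PR_ALLOW_ALL_STATIC can be handed out as a dynamic flag whenever prison0 has it cleared, and two unrelated permissions would then share one bit. The mask is defined outside this hunk, so how it is built cannot be seen. A comment next to the PR_ALLOW_* definitions, e.g. `/* Add every new static flag to PR_ALLOW_ALL_STATIC. */`, or a build-time check, would make that harder to get wrong. prison_add_allow() continues past the hunk.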

Modified: head/sys/kern/kern_priv.c

svn commit: r339420 - in head: sys/kern usr.sbin/jail

2018-10-18 Thread Jamie Gritton
Author: jamie
Date: Thu Oct 18 15:02:57 2018
New Revision: 339420
URL: https://svnweb.freebsd.org/changeset/base/339420

Log:
  Fix typos from r339409.
  
  Reported by:  maxim
  Approved by:  re (gjb)

Modified:
  head/sys/kern/kern_jail.c
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Oct 18 14:20:15 2018(r339419)
+++ head/sys/kern/kern_jail.c   Thu Oct 18 15:02:57 2018(r339420)
@@ -3352,7 +3352,7 @@ prison_priv_check(struct ucred *cred, int priv)
return (0);
 
/*
-* Do not allow a process inside a jail read the kernel
+* Do not allow a process inside a jail to read the kernel
 * message buffer unless explicitly permitted.
 */
case PRIV_MSGBUF:

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Thu Oct 18 14:20:15 2018(r339419)
+++ head/usr.sbin/jail/jail.8   Thu Oct 18 15:02:57 2018(r339420)
@@ -553,7 +553,7 @@ with non-jailed parts of the system.
 Jailed users may read the kernel message buffer.
 If the
 .Va security.bsd.unprivileged_read_msgbuf
-MIB entry is zero, this will be restricted to to root user.
+MIB entry is zero, this will be restricted to the root user.
 .It Va allow.socket_af
 Sockets within a jail are normally restricted to IPv4, IPv6, local
 (UNIX), and route.  This allows access to other protocol stacks that


svn commit: r339409 - in head: sys/kern sys/sys usr.sbin/jail

2018-10-17 Thread Jamie Gritton
Author: jamie
Date: Wed Oct 17 16:11:43 2018
New Revision: 339409
URL: https://svnweb.freebsd.org/changeset/base/339409

Log:
  Add a new jail permission, allow.read_msgbuf.  When true, jailed processes
  can see the dmesg buffer (this is the current behavior).  When false (the
  new default), dmesg will be unavailable to jailed users, whether root or
  not.
  
  The security.bsd.unprivileged_read_msgbuf sysctl still works as before,
  controlling system-wide whether non-root users can see the buffer.
  
  PR:   211580
  Submitted by: bz
  Approved by:  re@ (kib@)
  MFC after:3 days

Modified:
  head/sys/kern/kern_jail.c
  head/sys/kern/kern_priv.c
  head/sys/kern/subr_prf.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Oct 17 14:51:43 2018(r339408)
+++ head/sys/kern/kern_jail.c   Wed Oct 17 16:11:43 2018(r339409)
@@ -193,6 +193,7 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = 
{"allow.mlock", "allow.nomlock", PR_ALLOW_MLOCK},
{"allow.reserved_ports", "allow.noreserved_ports",
 PR_ALLOW_RESERVED_PORTS},
+   {"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF},
 };
 const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
 
@@ -3350,6 +3351,15 @@ prison_priv_check(struct ucred *cred, int priv)
case PRIV_PROC_SETLOGINCLASS:
return (0);
 
+   /*
+* Do not allow a process inside a jail read the kernel
+* message buffer unless explicitly permitted.
+*/
+   case PRIV_MSGBUF:
+   if (cred->cr_prison->pr_allow & PR_ALLOW_READ_MSGBUF)
+   return (0);
+   return (EPERM);
+
default:
/*
 * In all remaining cases, deny the privilege request.  This
@@ -3770,6 +3780,8 @@ SYSCTL_JAIL_PARAM(_allow, mlock, CTLTYPE_INT | CTLFLAG
 "B", "Jail may lock (unlock) physical pages in memory");
 SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT | CTLFLAG_RW,
 "B", "Jail may bind sockets to reserved ports");
+SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW,
+"B", "Jail may read the kernel message buffer");
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,

Modified: head/sys/kern/kern_priv.c
==
--- head/sys/kern/kern_priv.c   Wed Oct 17 14:51:43 2018(r339408)
+++ head/sys/kern/kern_priv.c   Wed Oct 17 16:11:43 2018(r339409)
@@ -62,6 +62,11 @@ static int   unprivileged_mlock = 1;
 SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN,
 _mlock, 0, "Allow non-root users to call mlock(2)");
 
+static int unprivileged_read_msgbuf = 1;
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf,
+CTLFLAG_RW, _read_msgbuf, 0,
+"Unprivileged processes may read the kernel message buffer");
+
 SDT_PROVIDER_DEFINE(priv);
 SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__ok, "int");
 SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__err, "int");
@@ -104,6 +109,17 @@ priv_check_cred(struct ucred *cred, int priv, int flag
switch (priv) {
case PRIV_VM_MLOCK:
case PRIV_VM_MUNLOCK:
+   error = 0;
+   goto out;
+   }
+   }
+
+   if (unprivileged_read_msgbuf) {
+   /*
+* Allow an unprivileged user to read the kernel message
+* buffer.
+*/
+   if (priv == PRIV_MSGBUF) {
error = 0;
goto out;
}
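Review bot: The `unprivileged_read_msgbuf` block grants PRIV_MSGBUF with `error = 0; goto out;`, so its position relative to the jail check decides whether allow.read_msgbuf can be enforced at all. If this block ran before prison_priv_check() is consulted, a jailed process would get the buffer through the sysctl's default of 1 regardless of the jail setting. The start of priv_check_cred() is outside the hunk, so the ordering cannot be confirmed from these lines. A comment on the block, such as `/* Reached only after the jail check has passed. */`, would record the dependency for whoever reorders this function next.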

Modified: head/sys/kern/subr_prf.c
==
--- head/sys/kern/subr_prf.cWed Oct 17 14:51:43 2018(r339408)
+++ head/sys/kern/subr_prf.cWed Oct 17 16:11:43 2018(r339409)
@@ -1053,11 +1053,6 @@ msgbufinit(void *ptr, int size)
oldp = msgbufp;
 }
 
-static int unprivileged_read_msgbuf = 1;
-SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf,
-CTLFLAG_RW, _read_msgbuf, 0,
-"Unprivileged processes may read the kernel message buffer");
-
 /* Sysctls for accessing/clearing the msgbuf */
 static int
 sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS)
@@ -1066,11 +1061,9 @@ sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS)
u_int seq;
int error, len;
 
-   if (!unprivileged_read_msgbuf) {
-   error = priv_check(req->td, PRIV_MSGBUF);
-   if (error)
-   return (error);
-   }
+   error = priv_check(req->td, PRIV_MSGBUF);
+   if (error)
+   return (error);
 
/* Read the whole buffer, one chunk at a 

svn commit: r339211 - head/sys/kern

2018-10-05 Thread Jamie Gritton
Author: jamie
Date: Sat Oct  6 02:10:32 2018
New Revision: 339211
URL: https://svnweb.freebsd.org/changeset/base/339211

Log:
  Fix the test prohibiting jails from sharing IP addresses.
  
  It's not supposed to be legal for two jails to contain the same IP address,
  unless both jails contain only that one address.  This is the behavior
  documented in jail(8), and is there to prevent confusion when multiple
  jails are listening on IADDR_ANY.
  
  VIMAGE jails (now the default for GENERIC kernels) test this correctly,
  but non-VIMAGE jails have been performing an incomplete test when nested
  jails are used.
  
  Approved by:  re@ (kib@)
  MFC after:5 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Fri Oct  5 21:10:03 2018(r339210)
+++ head/sys/kern/kern_jail.c   Sat Oct  6 02:10:32 2018(r339211)
@@ -1393,11 +1393,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
 * there is a duplicate on a jail with more than one
 * IP stop checking and return error.
 */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
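Review bot: The new `#else` branch has no comment saying why the non-VIMAGE search starts from a different root than `ppr`. In this archive copy the loop condition and the right-hand side of the assignment are also lost, so the reasoning cannot be read off the code. Per the commit log, the old code checked too little of the hierarchy when jails are nested. A comment like `/* Without VIMAGE there is no per-jail network stack to stop at, so check the whole tree. */` (wording to be confirmed against the real line) would stop someone from simplifying it back. The same applies to the identical change in the second hunk of this commit.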
@@ -1460,11 +1461,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
}
}
/* Check for conflicting IP addresses. */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||


svn commit: r337925 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys

2018-08-16 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 16 19:09:43 2018
New Revision: 337925
URL: https://svnweb.freebsd.org/changeset/base/337925

Log:
  Revert r337922, except for some documentation-only bits.  This needs to wait
  until user is changed to stop using jail(2).
  
  Differential Revision:D14791

Modified:
  head/lib/libc/sys/jail.2
  head/sys/compat/freebsd32/freebsd32_misc.c
  head/sys/compat/freebsd32/freebsd32_proto.h
  head/sys/compat/freebsd32/freebsd32_syscall.h
  head/sys/compat/freebsd32/freebsd32_syscalls.c
  head/sys/compat/freebsd32/freebsd32_sysent.c
  head/sys/compat/freebsd32/freebsd32_systrace_args.c
  head/sys/compat/freebsd32/syscalls.master
  head/sys/kern/init_sysent.c
  head/sys/kern/kern_jail.c
  head/sys/kern/syscalls.c
  head/sys/kern/syscalls.master
  head/sys/kern/systrace_args.c
  head/sys/sys/jail.h
  head/sys/sys/syscall.h
  head/sys/sys/syscall.mk
  head/sys/sys/syscallsubr.h
  head/sys/sys/sysproto.h

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Thu Aug 16 18:58:34 2018(r337924)
+++ head/lib/libc/sys/jail.2Thu Aug 16 19:09:43 2018(r337925)
@@ -25,10 +25,11 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd August 16, 2018
+.Dd February 8, 2012
 .Dt JAIL 2
 .Os
 .Sh NAME
+.Nm jail ,
 .Nm jail_get ,
 .Nm jail_set ,
 .Nm jail_remove ,
@@ -40,6 +41,8 @@
 .In sys/param.h
 .In sys/jail.h
 .Ft int
+.Fn jail "struct jail *jail"
+.Ft int
 .Fn jail_attach "int jid"
 .Ft int
 .Fn jail_remove "int jid"
@@ -50,7 +53,74 @@
 .Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
 .Sh DESCRIPTION
 The
+.Fn jail
+system call sets up a jail and locks the current process in it.
+.Pp
+The argument is a pointer to a structure describing the prison:
+.Bd -literal -offset indent
+struct jail {
+   uint32_tversion;
+   char*path;
+   char*hostname;
+   char*jailname;
+   unsigned intip4s;
+   unsigned intip6s;
+   struct in_addr  *ip4;
+   struct in6_addr *ip6;
+};
+.Ed
+.Pp
+.Dq Li version
+defines the version of the API in use.
+.Dv JAIL_API_VERSION
+is defined for the current version.
+.Pp
+The
+.Dq Li path
+pointer should be set to the directory which is to be the root of the
+prison.
+.Pp
+The
+.Dq Li hostname
+pointer can be set to the hostname of the prison.
+This can be changed
+from the inside of the prison.
+.Pp
+The
+.Dq Li jailname
+pointer is an optional name that can be assigned to the jail
+for example for management purposes.
+.Pp
+The
+.Dq Li ip4s
+and
+.Dq Li ip6s
+give the numbers of IPv4 and IPv6 addresses that will be passed
+via their respective pointers.
+.Pp
+The
+.Dq Li ip4
+and
+.Dq Li ip6
+pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to
+the prison, or NULL if none.
+IPv4 addresses must be in network byte order.
+.Pp
+This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
+system call (see below), with the parameters
+.Va path ,
+.Va host.hostname ,
+.Va name ,
+.Va ip4.addr ,
+and
+.Va ip6.addr ,
+and with the
+.Dv JAIL_ATTACH
+flag.
+.Pp
+The
+.Fn jail_set
 system call creates a new jail, or modifies an existing one, and optionally
 locks the current process in it.
 Jail parameters are passed as an array of name-value pairs in the array
@@ -76,19 +146,13 @@ The current set of available parameters, and their for
 retrieved via the
 .Va security.jail.param
 sysctl MIB entry.
-Notable parameters include
+Notable parameters include those mentioned in the
+.Fn jail
+description above, as well as
 .Va jid
 and
-.Va name
-which identify the jail being created or modified,
-.Va path
-(the root directory of the jail),
-.Va host.hostname
-(the hostname of the jail), and
-.Va ip4.addr
-and
-.Va ip6.addr
-(IP addresses to assign to the jail).
+.Va name ,
+which identify the jail being created or modified.
 See
 .Xr jail 8
 for more information on the core jail parameters.
@@ -173,7 +237,8 @@ It will kill all processes belonging to the jail, and 
 of that jail.
 .Sh RETURN VALUES
 If successful,
-.Fn jail_set
+.Fn jail ,
+.Fn jail_set ,
 and
 .Fn jail_get
 return a non-negative integer, termed the jail identifier (JID).
@@ -184,6 +249,25 @@ to indicate the error.
 .Rv -std jail_attach jail_remove
 .Sh ERRORS
 The
+.Fn jail
+system call
+will fail if:
+.Bl -tag -width Er
+.It Bq Er EPERM
+This process is not allowed to create a jail, either because it is not
+the super-user, or because it would exceed the jail's
+.Va children.max
+limit.
+.It Bq Er EFAULT
+.Fa jail
+points to an address outside the allocated address space of the process.
+.It Bq Er EINVAL
+The version number of the argument is not correct.
+.It Bq Er EAGAIN
+No free JID could be found.
+.El
+.Pp
+The
 .Fn jail_set
 system call
 will fail if:
@@ -287,7 +371,8 @@ does not exist.
 .El
 .Pp
 Further
-.Fn jail_set
+.Fn jail ,
+.Fn jail_set ,
 and
 .Fn jail_attach
 call
@@ -301,7 +386,7 @@ manual 

svn commit: r337922 - in head: lib/libc/gen lib/libc/sys share/man/man9 sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/freebsd32 sys/fs/nandfs sys/kern sys/sys sys/ufs/ufs

2018-08-16 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 16 18:40:16 2018
New Revision: 337922
URL: https://svnweb.freebsd.org/changeset/base/337922

Log:
  Put jail(2) under COMPAT_FREEBSD11.  It has been the "old" way of creating
  jails since FreeBSD 7.
  
  Along with the system call, put the various security.jail.allow_foo and
  security.jail.foo_allowed sysctls partly under COMPAT_FREEBSD11 (or
  BURN_BRIDGES).  These sysctls had two disparate uses: on the system side,
  they were global permissions for jails created via jail(2) which lacked
  fine-grained permission controls; inside a jail, they're read-only
  descriptions of what the current jail is allowed to do.  The first use
  is obsolete along with jail(2), but keep them for the second, read-only use.
  
  Differential Revision:D14791

Modified:
  head/lib/libc/gen/getvfsbyname.3
  head/lib/libc/sys/jail.2
  head/share/man/man9/VFS_SET.9
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
  head/sys/compat/freebsd32/freebsd32_misc.c
  head/sys/compat/freebsd32/freebsd32_proto.h
  head/sys/compat/freebsd32/freebsd32_syscall.h
  head/sys/compat/freebsd32/freebsd32_syscalls.c
  head/sys/compat/freebsd32/freebsd32_sysent.c
  head/sys/compat/freebsd32/freebsd32_systrace_args.c
  head/sys/compat/freebsd32/syscalls.master
  head/sys/fs/nandfs/nandfs_vnops.c
  head/sys/kern/init_sysent.c
  head/sys/kern/kern_jail.c
  head/sys/kern/syscalls.c
  head/sys/kern/syscalls.master
  head/sys/kern/systrace_args.c
  head/sys/sys/jail.h
  head/sys/sys/syscall.h
  head/sys/sys/syscall.mk
  head/sys/sys/syscallsubr.h
  head/sys/sys/sysproto.h
  head/sys/ufs/ufs/ufs_vnops.c

Modified: head/lib/libc/gen/getvfsbyname.3
==
--- head/lib/libc/gen/getvfsbyname.3Thu Aug 16 18:37:47 2018
(r337921)
+++ head/lib/libc/gen/getvfsbyname.3Thu Aug 16 18:40:16 2018
(r337922)
@@ -28,7 +28,7 @@
 .\" @(#)kvm_getvfsbyname.3 8.3 (Berkeley) 5/4/95
 .\" $FreeBSD$
 .\"
-.Dd August 30, 2016
+.Dd August 16, 2018
 .Dt GETVFSBYNAME 3
 .Os
 .Sh NAME
@@ -83,9 +83,10 @@ aliases some other mounted FS
 stores file names as Unicode
 .It Dv VFCF_JAIL
 can be mounted from within a jail if
-.Va security.jail.mount_allowed
-sysctl is set to
-.Dv 1
+.Va allow.mount
+and
+.Va allow.mount.
+jail parameters are set
 .It Dv VFCF_DELEGADMIN
 supports delegated administration if
 .Va vfs.usermount

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Thu Aug 16 18:37:47 2018(r337921)
+++ head/lib/libc/sys/jail.2Thu Aug 16 18:40:16 2018(r337922)
@@ -25,11 +25,10 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 8, 2012
+.Dd August 16, 2018
 .Dt JAIL 2
 .Os
 .Sh NAME
-.Nm jail ,
 .Nm jail_get ,
 .Nm jail_set ,
 .Nm jail_remove ,
@@ -41,8 +40,6 @@
 .In sys/param.h
 .In sys/jail.h
 .Ft int
-.Fn jail "struct jail *jail"
-.Ft int
 .Fn jail_attach "int jid"
 .Ft int
 .Fn jail_remove "int jid"
@@ -53,74 +50,7 @@
 .Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
 .Sh DESCRIPTION
 The
-.Fn jail
-system call sets up a jail and locks the current process in it.
-.Pp
-The argument is a pointer to a structure describing the prison:
-.Bd -literal -offset indent
-struct jail {
-   uint32_tversion;
-   char*path;
-   char*hostname;
-   char*jailname;
-   unsigned intip4s;
-   unsigned intip6s;
-   struct in_addr  *ip4;
-   struct in6_addr *ip6;
-};
-.Ed
-.Pp
-.Dq Li version
-defines the version of the API in use.
-.Dv JAIL_API_VERSION
-is defined for the current version.
-.Pp
-The
-.Dq Li path
-pointer should be set to the directory which is to be the root of the
-prison.
-.Pp
-The
-.Dq Li hostname
-pointer can be set to the hostname of the prison.
-This can be changed
-from the inside of the prison.
-.Pp
-The
-.Dq Li jailname
-pointer is an optional name that can be assigned to the jail
-for example for management purposes.
-.Pp
-The
-.Dq Li ip4s
-and
-.Dq Li ip6s
-give the numbers of IPv4 and IPv6 addresses that will be passed
-via their respective pointers.
-.Pp
-The
-.Dq Li ip4
-and
-.Dq Li ip6
-pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to
-the prison, or NULL if none.
-IPv4 addresses must be in network byte order.
-.Pp
-This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
-system call (see below), with the parameters
-.Va path ,
-.Va host.hostname ,
-.Va name ,
-.Va ip4.addr ,
-and
-.Va ip6.addr ,
-and with the
-.Dv JAIL_ATTACH
-flag.
-.Pp
-The
-.Fn jail_set
 system call creates a new jail, or modifies an existing one, and optionally
 locks the current process in it.
 Jail parameters are passed as an array of name-value pairs in the array
@@ -146,13 +76,19 @@ The current set of available parameters, and their for
 retrieved via the
 .Va security.jail.param
 sysctl MIB entry.
-Notable 

svn commit: r337919 - head/usr.sbin/jail

2018-08-16 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 16 18:30:49 2018
New Revision: 337919
URL: https://svnweb.freebsd.org/changeset/base/337919

Log:
  security.jail.enforce_statfs is handled by jail_set(2), so handling it in
  userspace jail(8) is redundant.
  
  Differential Revision:D14791

Modified:
  head/usr.sbin/jail/config.c
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/jailp.h

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Aug 16 18:27:43 2018(r337918)
+++ head/usr.sbin/jail/config.c Thu Aug 16 18:30:49 2018(r337919)
@@ -106,7 +106,6 @@ static const struct ipspec intparams[] = {
 [KP_ALLOW_SOCKET_AF] = {"allow.socket_af", 0},
 [KP_ALLOW_SYSVIPC] =   {"allow.sysvipc",   0},
 [KP_DEVFS_RULESET] =   {"devfs_ruleset",   0},
-[KP_ENFORCE_STATFS] =  {"enforce_statfs",  0},
 [KP_HOST_HOSTNAME] =   {"host.hostname",   0},
 #ifdef INET
 [KP_IP4_ADDR] ={"ip4.addr",0},

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Thu Aug 16 18:27:43 2018(r337918)
+++ head/usr.sbin/jail/jail.c   Thu Aug 16 18:30:49 2018(r337919)
@@ -138,7 +138,6 @@ main(int argc, char **argv)
unsigned op, pi;
int ch, docf, error, i, oldcl, sysval;
int dflag, Rflag;
-   char enforce_statfs[4];
 #if defined(INET) || defined(INET6)
char *cs, *ncs;
 #endif
@@ -275,14 +274,6 @@ main(int argc, char **argv)
(sysval ? 1 : 0) ^
perm_sysctl[pi].rev
? NULL : "false");
-   }
-   sysvallen = sizeof(sysval);
-   if (sysctlbyname("security.jail.enforce_statfs",
-   , , NULL, 0) == 0) {
-   snprintf(enforce_statfs,
-   sizeof(enforce_statfs), "%d", sysval);
-   add_param(NULL, NULL, KP_ENFORCE_STATFS,
-   enforce_statfs);
}
}
} else if (op == JF_STOP) {

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Thu Aug 16 18:27:43 2018(r337918)
+++ head/usr.sbin/jail/jailp.h  Thu Aug 16 18:30:49 2018(r337919)
@@ -120,7 +120,6 @@ enum intparam {
KP_ALLOW_SOCKET_AF,
KP_ALLOW_SYSVIPC,
KP_DEVFS_RULESET,
-   KP_ENFORCE_STATFS,
KP_HOST_HOSTNAME,
 #ifdef INET
KP_IP4_ADDR,


svn commit: r337867 - head/usr.sbin/jail

2018-08-15 Thread Jamie Gritton
Author: jamie
Date: Wed Aug 15 20:23:17 2018
New Revision: 337867
URL: https://svnweb.freebsd.org/changeset/base/337867

Log:
  Don't clobber jailparam values when checking for modification of
  init-only parameters.
  
  Compare string parameter values with strncmp, not memcmp.
  
  PR:   230487
  Reported by:  Jason Mader
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jail.c

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Wed Aug 15 20:23:08 2018(r337866)
+++ head/usr.sbin/jail/jail.c   Wed Aug 15 20:23:17 2018(r337867)
@@ -803,8 +803,10 @@ rdtun_params(struct cfjail *j, int dofail)
exit(1);
}
for (jp = j->jp; jp < j->jp + j->njp; jp++)
-   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid"))
+   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) {
*++rtjp = *jp;
+   rtjp->jp_value = NULL;
+   }
rval = 0;
if (jailparam_get(rtparams, nrt,
bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) {
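Review bot: The added `rtjp->jp_value = NULL;` in rdtun_params has no comment, and its purpose is not obvious from the loop. The struct copy `*++rtjp = *jp` leaves both entries pointing at the same value buffer, so the reason for clearing it should be stated next to the assignment, for example `/* Don't let jailparam_get() write into the configured value. */`. The hunk does not show where the values that jailparam_get() stores in rtparams are released, so that is worth confirming in the rest of the function, which continues outside this hunk.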
@@ -815,8 +817,11 @@ rdtun_params(struct cfjail *j, int dofail)
jp->jp_valuelen == 0 &&
*(int *)jp->jp_value) &&
!(rtjp->jp_valuelen == jp->jp_valuelen &&
-   !memcmp(rtjp->jp_value, jp->jp_value,
-   jp->jp_valuelen))) {
+   !((jp->jp_ctltype & CTLTYPE) ==
+   CTLTYPE_STRING ? strncmp(rtjp->jp_value,
+   jp->jp_value, jp->jp_valuelen) :
+   memcmp(rtjp->jp_value, jp->jp_value,
+   jp->jp_valuelen {
if (dofail) {
jail_warnx(j, "%s cannot be "
"changed after creation",


svn commit: r336038 - in head/sys: kern sys

2018-07-06 Thread Jamie Gritton
Author: jamie
Date: Fri Jul  6 18:50:22 2018
New Revision: 336038
URL: https://svnweb.freebsd.org/changeset/base/336038

Log:
  Change prison_add_vfs() to the more generic prison_add_allow(), which
  can add any dynamic allow.* or allow.*.* parameter.  Also keep
  prison_add_vfs() as a wrapper.
  
  Differential Revision:D16146

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Fri Jul  6 17:39:48 2018(r336037)
+++ head/sys/kern/kern_jail.c   Fri Jul  6 18:50:22 2018(r336038)
@@ -3760,37 +3760,43 @@ SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLA
 "B", "Jail may mount/unmount jail-friendly file systems in general");
 
 /*
- * The VFS system will register jail-aware filesystems here.  They each get
- * a parameter allow.mount.xxxfs and a flag to check when a jailed user
- * attempts to mount.
+ * Add a dynamic parameter allow., or allow...  Return
+ * its associated bit in the pr_allow bitmask, or zero if the parameter was
+ * not created.
  */
-void
-prison_add_vfs(struct vfsconf *vfsp)
+unsigned
+prison_add_allow(const char *prefix, const char *name, const char 
*prefix_descr,
+const char *descr)
 {
-   char *allow_name, *allow_noname, *mount_allowed;
struct bool_flags *bf;
+   struct sysctl_oid *parent;
+   char *allow_name, *allow_noname, *allowed;
 #ifndef NO_SYSCTL_DESCR
-   char *descr;
+   char *descr_deprecated;
 #endif
unsigned allow_flag;
 
-   if (asprintf(_name, M_PRISON, "allow.mount.%s", vfsp->vfc_name) <
-   0 || asprintf(_noname, M_PRISON, "allow.mount.no%s",
-   vfsp->vfc_name) < 0) {
+   if (prefix
+   ? asprintf(_name, M_PRISON, "allow.%s.%s", prefix, name)
+   < 0 ||
+ asprintf(_noname, M_PRISON, "allow.%s.no%s", prefix, name)
+   < 0
+   : asprintf(_name, M_PRISON, "allow.%s", name) < 0 ||
+ asprintf(_noname, M_PRISON, "allow.no%s", name) < 0) {
free(allow_name, M_PRISON);
-   return;
+   return 0;
}
 
/*
-* See if this parameter has already beed added, i.e. if the filesystem
-* was previously loaded/unloaded.
+* See if this parameter has already beed added, i.e. a module was
+* previously loaded/unloaded.
 */
mtx_lock(_mtx);
for (bf = pr_flag_allow;
 bf < pr_flag_allow + nitems(pr_flag_allow) && bf->flag != 0;
 bf++) {
if (strcmp(bf->name, allow_name) == 0) {
-   vfsp->vfc_prison_flag = bf->flag;
+   allow_flag = bf->flag;
goto no_add;
}
}
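Review bot: The error path at the top of prison_add_allow calls `free(allow_name, M_PRISON)` even when the asprintf() that failed is the one meant to set `allow_name`, and the new declaration `char *allow_name, *allow_noname, *allowed;` has no initializers. Unless the kernel asprintf() always stores NULL on failure (not visible here), that frees an indeterminate pointer; `char *allow_name = NULL, *allow_noname = NULL, *allowed;` makes the path safe either way. The rewritten comment also carries over the typo "beed" for "been". The function body continues past this hunk.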
@@ -3798,7 +3804,7 @@ prison_add_vfs(struct vfsconf *vfsp)
/*
 * Find a free bit in prison0's pr_allow, failing if there are none
 * (which shouldn't happen as long as we keep track of how many
-* filesystems are jail-aware).
+* potential dynamic flags exist).
 */
for (allow_flag = 1;; allow_flag <<= 1) {
if (allow_flag == 0)
@@ -3815,52 +3821,73 @@ prison_add_vfs(struct vfsconf *vfsp)
for (bf = pr_flag_allow; bf->flag != 0; bf++)
if (bf == pr_flag_allow + nitems(pr_flag_allow)) {
/* This should never happen, but is not fatal. */
+   allow_flag = 0;
goto no_add;
}
prison0.pr_allow |= allow_flag;
bf->name = allow_name;
bf->noname = allow_noname;
bf->flag = allow_flag;
-   vfsp->vfc_prison_flag = allow_flag;
mtx_unlock(_mtx);
 
/*
 * Create sysctls for the paramter, and the back-compat global
 * permission.
 */
-#ifndef NO_SYSCTL_DESCR
-   (void)asprintf(, M_TEMP, "Jail may mount the %s file system",
-   vfsp->vfc_name);
-#endif
-   (void)SYSCTL_ADD_PROC(NULL,
-   SYSCTL_CHILDREN(___security_jail_param_allow_mount),
-   OID_AUTO, vfsp->vfc_name, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+   parent = prefix
+   ? SYSCTL_ADD_NODE(NULL,
+ SYSCTL_CHILDREN(___security_jail_param_allow),
+ OID_AUTO, prefix, 0, 0, prefix_descr)
+   : ___security_jail_param_allow;
+   (void)SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(parent), OID_AUTO,
+   name, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
NULL, 0, sysctl_jail_param, "B", descr);
+   if ((prefix
+? asprintf(, M_TEMP, "%s_%s_allowed", prefix, name)
+: asprintf(, M_TEMP, "%s_allowed", name)) >= 0) {
 #ifndef NO_SYSCTL_DESCR
-   free(descr, M_TEMP);
+   (void)asprintf(_deprecated, M_TEMP, "%s (deprecated)",
+   descr);
 #endif
-   if 

svn commit: r336035 - head/usr.bin/cpuset

2018-07-06 Thread Jamie Gritton
Author: jamie
Date: Fri Jul  6 16:23:30 2018
New Revision: 336035
URL: https://svnweb.freebsd.org/changeset/base/336035

Log:
  Missed a bit of doc change from r335921.
  
  PR:   229266

Modified:
  head/usr.bin/cpuset/cpuset.1

Modified: head/usr.bin/cpuset/cpuset.1
==
--- head/usr.bin/cpuset/cpuset.1Fri Jul  6 16:22:26 2018
(r336034)
+++ head/usr.bin/cpuset/cpuset.1Fri Jul  6 16:23:30 2018
(r336035)
@@ -52,7 +52,7 @@
 .Op Fl c
 .Op Fl l Ar cpu-list
 .Op Fl n Ar policy:domain-list 
-.Op Fl j Ar jailid | Fl p Ar pid | Fl t Ar tid | Fl s Ar setid | Fl x Ar irq
+.Op Fl j Ar jail | Fl p Ar pid | Fl t Ar tid | Fl s Ar setid | Fl x Ar irq
 .Nm
 .Fl g
 .Op Fl cir


svn commit: r335921 - in head: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat

2018-07-03 Thread Jamie Gritton
Author: jamie
Date: Tue Jul  3 23:47:20 2018
New Revision: 335921
URL: https://svnweb.freebsd.org/changeset/base/335921

Log:
  Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8),
   sockstat(1), ugidfw(8)
  These are the last of the jail-aware userland utilities that didn't work
   with names.
  
  PR:   229266
  MFC after:3 days
  Differential Revision:D16047

Modified:
  head/lib/libugidfw/ugidfw.c
  head/sbin/ipfw/Makefile
  head/sbin/ipfw/ipfw.8
  head/sbin/ipfw/ipfw2.c
  head/usr.bin/cpuset/Makefile
  head/usr.bin/cpuset/cpuset.1
  head/usr.bin/cpuset/cpuset.c
  head/usr.bin/sockstat/Makefile
  head/usr.bin/sockstat/sockstat.1
  head/usr.bin/sockstat/sockstat.c

Modified: head/lib/libugidfw/ugidfw.c
==
--- head/lib/libugidfw/ugidfw.c Tue Jul  3 23:45:02 2018(r335920)
+++ head/lib/libugidfw/ugidfw.c Tue Jul  3 23:47:20 2018(r335921)
@@ -34,9 +34,11 @@
  */
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -600,16 +602,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max
 }
 
 static int
+bsde_get_jailid(const char *name, size_t buflen, char *errstr)
+{
+   char *ep;
+   int jid;
+   struct iovec jiov[4];
+
+   /* Copy jail_getid(3) instead of messing with library dependancies */
+   jid = strtoul(name, , 10);
+   if (*name && !*ep)
+   return jid;
+   jiov[0].iov_base = __DECONST(char *, "name");
+   jiov[0].iov_len = sizeof("name");
+   jiov[1].iov_len = strlen(name) + 1;
+   jiov[1].iov_base = alloca(jiov[1].iov_len);
+   strcpy(jiov[1].iov_base, name);
+   if (errstr && buflen) {
+   jiov[2].iov_base = __DECONST(char *, "errmsg");
+   jiov[2].iov_len = sizeof("errmsg");
+   jiov[3].iov_base = errstr;
+   jiov[3].iov_len = buflen;
+   errstr[0] = 0;
+   jid = jail_get(jiov, 4, 0);
+   if (jid < 0 && !errstr[0])
+   snprintf(errstr, buflen, "jail_get: %s",
+   strerror(errno));
+   } else
+   jid = jail_get(jiov, 2, 0);
+   return jid;
+}
+
+static int
 bsde_parse_subject(int argc, char *argv[],
 struct mac_bsdextended_subject *subject, size_t buflen, char *errstr)
 {
int not_seen, flags;
int current, neg, nextnot;
-   char *endp;
uid_t uid_min, uid_max;
gid_t gid_min, gid_max;
int jid = 0;
-   long value;
 
current = 0;
flags = 0;
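Review bot: The numeric path of bsde_get_jailid stores the result of strtoul() straight into an `int` and returns before `errstr` is touched. A value above INT_MAX (or one with a leading minus sign) can therefore come back negative, and the caller in the next hunk then returns -1 with no message, because this commit removes the old "invalid jid" report there. Range-checking the parsed value and writing `errstr` on rejection keeps the previous diagnostics. bsde_parse_subject continues outside these hunks.
```c
	unsigned long val;

	/* Copy jail_getid(3) instead of messing with library dependancies */
	errno = 0;
	val = strtoul(name, &ep, 10);
	if (*name && !*ep) {
		if (errno == ERANGE || val > INT_MAX) {
			if (errstr && buflen)
				snprintf(errstr, buflen, "invalid jid: '%s'",
				    name);
			return (-1);
		}
		return ((int)val);
	}
	/* … unchanged: jail_get() lookup by name … */
```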
@@ -668,13 +699,9 @@ bsde_parse_subject(int argc, char *argv[],
snprintf(errstr, buflen, "one jail only");
return (-1);
}
-   value = strtol(argv[current+1], , 10);
-   if (*endp != '\0') {
-   snprintf(errstr, buflen, "invalid jid: '%s'",
-   argv[current+1]);
+   jid = bsde_get_jailid(argv[current+1], buflen, errstr);
+   if (jid < 0)
return (-1);
-   }
-   jid = value;
flags |= MBS_PRISON_DEFINED;
if (nextnot) {
neg ^= MBS_PRISON_DEFINED;

Modified: head/sbin/ipfw/Makefile
==
--- head/sbin/ipfw/Makefile Tue Jul  3 23:45:02 2018(r335920)
+++ head/sbin/ipfw/Makefile Tue Jul  3 23:47:20 2018(r335921)
@@ -13,7 +13,7 @@ SRCS+=altq.c
 CFLAGS+=-DPF
 .endif
 
-LIBADD=util
+LIBADD=jail util
 MAN=   ipfw.8
 
 .include 

Modified: head/sbin/ipfw/ipfw.8
==
--- head/sbin/ipfw/ipfw.8   Tue Jul  3 23:45:02 2018(r335920)
+++ head/sbin/ipfw/ipfw.8   Tue Jul  3 23:47:20 2018(r335921)
@@ -1,7 +1,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd June 28, 2018
+.Dd July 3, 2018
 .Dt IPFW 8
 .Os
 .Sh NAME
@@ -1535,10 +1535,10 @@ Matches all TCP or UDP packets sent by or received for
 A
 .Ar group
 may be specified by name or number.
-.It Cm jail Ar prisonID
+.It Cm jail Ar jail
 Matches all TCP or UDP packets sent by or received for the
-jail whos prison ID is
-.Ar prisonID .
+jail whose ID or name is
+.Ar jail .
 .It Cm icmptypes Ar types
 Matches ICMP packets whose ICMP type is in the list
 .Ar types .

Modified: head/sbin/ipfw/ipfw2.c
==
--- head/sbin/ipfw/ipfw2.c  Tue Jul  3 23:45:02 2018(r335920)
+++ head/sbin/ipfw/ipfw2.c  Tue Jul  3 23:47:20 2018(r335921)
@@ -32,6 +32,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 

svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/pse...

2018-05-04 Thread Jamie Gritton
Author: jamie
Date: Fri May  4 20:54:27 2018
New Revision: 333263
URL: https://svnweb.freebsd.org/changeset/base/333263

Log:
  Make it easier for filesystems to count themselves as jail-enabled,
  by doing most of the work in a new function prison_add_vfs in kern_jail.c
  Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and
  the rest is taken care of.  This includes adding a jail parameter like
  allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed.
  Both of these used to be a static list of known filesystems, with
  predefined permission bits.
  
  Reviewed by:  kib
  Differential Revision:D14681

Modified:
  head/lib/libjail/jail.c
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c
  head/sys/compat/linprocfs/linprocfs.c
  head/sys/compat/linsysfs/linsysfs.c
  head/sys/fs/devfs/devfs_vfsops.c
  head/sys/fs/fdescfs/fdesc_vfsops.c
  head/sys/fs/nullfs/null_vfsops.c
  head/sys/fs/procfs/procfs.c
  head/sys/fs/pseudofs/pseudofs.h
  head/sys/fs/tmpfs/tmpfs_vfsops.c
  head/sys/kern/kern_jail.c
  head/sys/kern/vfs_init.c
  head/sys/kern/vfs_mount.c
  head/sys/kern/vfs_subr.c
  head/sys/sys/jail.h
  head/sys/sys/mount.h
  head/usr.sbin/jail/jail.8

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Fri May  4 20:38:26 2018(r333262)
+++ head/lib/libjail/jail.c Fri May  4 20:54:27 2018(r333263)
@@ -1048,7 +1048,13 @@ kldload_param(const char *name)
else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 ||
strcmp(name, "sysvshm") == 0)
kl = kldload(name);
-   else {
+   else if (strncmp(name, "allow.mount.", 12) == 0) {
+   /* Load the matching filesystem */
+   kl = kldload(name + 12);
+   if (kl < 0 && errno == ENOENT &&
+   strncmp(name + 12, "no", 2) == 0)
+   kl = kldload(name + 14);
+   } else {
errno = ENOENT;
return (-1);
}
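Review bot: The new `allow.mount.` branch hands `name + 12` to kldload() without looking at what the suffix contains, so the module requested is whatever follows the prefix in the parameter name and is not limited to filesystem modules. As far as I know kldload(2) accepts a path as well as a bare module name, so it is worth rejecting an empty suffix or one containing a slash first: `if (name[12] == '\0' || strchr(name + 12, '/') != NULL) { errno = ENOENT; return (-1); }`. A short comment that a parameter-type lookup can now load a kernel module as a side effect would also help callers of libjail. kldload_param starts and ends outside this hunk.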

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.cFri May 
 4 20:38:26 2018(r333262)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.cFri May 
 4 20:54:27 2018(r333263)
@@ -1640,9 +1640,6 @@ zfs_mount(vfs_t *vfsp)
 
osname = spn.pn_path;
 #else  /* !illumos */
-   if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_ZFS))
-   return (SET_ERROR(EPERM));
-
if (vfs_getopt(vfsp->mnt_optnew, "from", (void **), NULL))
return (SET_ERROR(EINVAL));
 

Modified: head/sys/compat/linprocfs/linprocfs.c
==
--- head/sys/compat/linprocfs/linprocfs.c   Fri May  4 20:38:26 2018
(r333262)
+++ head/sys/compat/linprocfs/linprocfs.c   Fri May  4 20:54:27 2018
(r333263)
@@ -1652,7 +1652,7 @@ linprocfs_uninit(PFS_INIT_ARGS)
return (0);
 }
 
-PSEUDOFS(linprocfs, 1, PR_ALLOW_MOUNT_LINPROCFS);
+PSEUDOFS(linprocfs, 1, VFCF_JAIL);
 #if defined(__amd64__)
 MODULE_DEPEND(linprocfs, linux_common, 1, 1, 1);
 #else
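Review bot: The third PSEUDOFS() argument changes here (and in linsysfs.c below) from a jail permission bit to the vfsconf flag `VFCF_JAIL`, with nothing at the call site saying that the argument's meaning changed. The same commit deletes the explicit `prison_allow()` checks from zfs_mount and devfs_mount, and the generic check that replaces them is not shown on this page, so the enforcement point should be confirmed in the vfs_mount.c part of the change. A one-line comment above the macro use would help, e.g. `/* VFCF_JAIL: jail mount permission is handled by the VFS via allow.mount.linprocfs */`.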

Modified: head/sys/compat/linsysfs/linsysfs.c
==
--- head/sys/compat/linsysfs/linsysfs.c Fri May  4 20:38:26 2018
(r333262)
+++ head/sys/compat/linsysfs/linsysfs.c Fri May  4 20:54:27 2018
(r333263)
@@ -556,7 +556,7 @@ linsysfs_uninit(PFS_INIT_ARGS)
return (0);
 }
 
-PSEUDOFS(linsysfs, 1, PR_ALLOW_MOUNT_LINSYSFS);
+PSEUDOFS(linsysfs, 1, VFCF_JAIL);
 #if defined(__amd64__)
 MODULE_DEPEND(linsysfs, linux_common, 1, 1, 1);
 #else

Modified: head/sys/fs/devfs/devfs_vfsops.c
==
--- head/sys/fs/devfs/devfs_vfsops.cFri May  4 20:38:26 2018
(r333262)
+++ head/sys/fs/devfs/devfs_vfsops.cFri May  4 20:54:27 2018
(r333263)
@@ -83,9 +83,6 @@ devfs_mount(struct mount *mp)
if (mp->mnt_flag & MNT_ROOTFS)
return (EOPNOTSUPP);
 
-   if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_DEVFS))
-   return (EPERM);
-
rsnum = 0;
injail = jailed(td->td_ucred);
 

Modified: head/sys/fs/fdescfs/fdesc_vfsops.c
==
--- head/sys/fs/fdescfs/fdesc_vfsops.c  Fri May  4 20:38:26 2018
(r333262)
+++ head/sys/fs/fdescfs/fdesc_vfsops.c  Fri May  4 20:54:27 2018
(r333263)
@@ -81,12 +81,8 @@ static int
 fdesc_mount(struct mount *mp)
 {
struct fdescmount *fmp;
-   struct thread *td = curthread;
struct vnode *rvp;
int error;
-
-   if (!prison_allow(td->td_ucred, 

svn commit: r331332 - head/lib/libjail

2018-03-21 Thread Jamie Gritton
Author: jamie
Date: Wed Mar 21 23:50:46 2018
New Revision: 331332
URL: https://svnweb.freebsd.org/changeset/base/331332

Log:
  If a jail parameter isn't found, try loading a related kernel module.

Modified:
  head/lib/libjail/jail.c

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Wed Mar 21 23:46:26 2018(r331331)
+++ head/lib/libjail/jail.c Wed Mar 21 23:50:46 2018(r331332)
@@ -32,6 +32,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -59,6 +60,7 @@ __FBSDID("$FreeBSD$");
 static int jailparam_import_enum(const char **values, int nvalues,
 const char *valstr, size_t valsize, int *value);
 static int jailparam_type(struct jailparam *jp);
+static int kldload_param(const char *name);
 static char *noname(const char *name);
 static char *nononame(const char *name);
 
@@ -892,6 +894,9 @@ jailparam_type(struct jailparam *jp)
"sysctl(0.3.%s): %s", name, strerror(errno));
return (-1);
}
+   if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, ,
+   desc.s, strlen(desc.s)) >= 0)
+   goto mib_desc;
/*
 * The parameter probably doesn't exist.  But it might be
 * the "no" counterpart to a boolean.
@@ -1028,6 +1033,33 @@ jailparam_type(struct jailparam *jp)
jp->jp_valuelen = 0;
}
return (0);
+}
+
+/*
+ * Attempt to load a kernel module matching an otherwise nonexistent parameter.
+ */
+static int
+kldload_param(const char *name)
+{
+   int kl;
+
+   if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0)
+   kl = kldload("linux");
+   else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 ||
+   strcmp(name, "sysvshm") == 0)
+   kl = kldload(name);
+   else {
+   errno = ENOENT;
+   return (-1);
+   }
+   if (kl < 0 && errno == EEXIST) {
+   /*
+* In the module is already loaded, then it must not contain
+* the parameter.
+*/
+   errno = ENOENT;
+   }
+   return kl;
 }
 
 /*
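Review bot: The comment inside the EEXIST branch of kldload_param reads "In the module is already loaded", which should be "If the module is already loaded". The header comment could also state the contract the code implements: the kldload() result on success, and -1 with errno set to ENOENT both when no module matches the name and when the module was already loaded. The final `return kl;` is also inconsistent with the parenthesised `return (-1);` used a few lines above; `return (kl);` matches the rest of the function.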


svn commit: r331278 - head/sys/kern

2018-03-20 Thread Jamie Gritton
Author: jamie
Date: Tue Mar 20 23:08:42 2018
New Revision: 331278
URL: https://svnweb.freebsd.org/changeset/base/331278

Log:
  Represent boolean jail options as an array of structures containing the
  flag and both the regular and "no" names, instead of two different string
  arrays whose indices need to match the flag's bit position.  This makes
  them similar to the way "jailsys" options are represented.
  
  Loop through either kind of option array with a structure pointer rather
  than an integer index.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Mar 20 23:08:04 2018(r331277)
+++ head/sys/kern/kern_jail.c   Tue Mar 20 23:08:42 2018(r331278)
@@ -115,6 +115,17 @@ struct prison prison0 = {
 };
 MTX_SYSINIT(prison0, _mtx, "jail mutex", MTX_DEF);
 
+struct bool_flags {
+   const char  *name;
+   const char  *noname;
+   unsigned flag;
+};
+struct jailsys_flags {
+   const char  *name;
+   unsigned disable;
+   unsigned new;
+};
+
 /* allprison, allprison_racct and lastprid are protected by allprison_lock. */
 struct sx allprison_lock;
 SX_SYSINIT(allprison_lock, _lock, "allprison");
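Review bot: The new `struct bool_flags` and the relocated `struct jailsys_flags` are declared without any comment on their fields. `noname` in particular only makes sense after reading the commit log; a short header such as `/* A boolean jail option: its name, its "no"-prefixed name, and the flag bit they control. */` would carry that into the source. The `disable` and `new` fields of `jailsys_flags` deserve the same, though their meaning is not shown in this hunk, so whoever writes that comment should take it from the code that consumes the table.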
@@ -145,86 +156,55 @@ static void prison_racct_detach(struct prison *pr);
  * as we cannot figure out the size of a sparse array, or an array without a
  * terminating entry.
  */
-static char *pr_flag_names[] = {
-   [0] = "persist",
+static struct bool_flags pr_flag_bool[] = {
+   {"persist", "nopersist", PR_PERSIST},
 #ifdef INET
-   [7] = "ip4.saddrsel",
+   {"ip4.saddrsel", "ip4.nosaddrsel", PR_IP4_SADDRSEL},
 #endif
 #ifdef INET6
-   [8] = "ip6.saddrsel",
+   {"ip6.saddrsel", "ip6.nosaddrsel", PR_IP6_SADDRSEL},
 #endif
 };
-const size_t pr_flag_names_size = sizeof(pr_flag_names);
+const size_t pr_flag_bool_size = sizeof(pr_flag_bool);
 
-static char *pr_flag_nonames[] = {
-   [0] = "nopersist",
-#ifdef INET
-   [7] = "ip4.nosaddrsel",
-#endif
-#ifdef INET6
-   [8] = "ip6.nosaddrsel",
-#endif
-};
-const size_t pr_flag_nonames_size = sizeof(pr_flag_nonames);
-
-struct jailsys_flags {
-   const char  *name;
-   unsigned disable;
-   unsigned new;
-} pr_flag_jailsys[] = {
-   { "host", 0, PR_HOST },
+static struct jailsys_flags pr_flag_jailsys[] = {
+   {"host", 0, PR_HOST},
 #ifdef VIMAGE
-   { "vnet", 0, PR_VNET },
+   {"vnet", 0, PR_VNET},
 #endif
 #ifdef INET
-   { "ip4", PR_IP4_USER, PR_IP4_USER },
+   {"ip4", PR_IP4_USER, PR_IP4_USER},
 #endif
 #ifdef INET6
-   { "ip6", PR_IP6_USER, PR_IP6_USER },
+   {"ip6", PR_IP6_USER, PR_IP6_USER},
 #endif
 };
 const size_t pr_flag_jailsys_size = sizeof(pr_flag_jailsys);
 
-static char *pr_allow_names[] = {
-   "allow.set_hostname",
-   "allow.sysvipc",
-   "allow.raw_sockets",
-   "allow.chflags",
-   "allow.mount",
-   "allow.quotas",
-   "allow.socket_af",
-   "allow.mount.devfs",
-   "allow.mount.nullfs",
-   "allow.mount.zfs",
-   "allow.mount.procfs",
-   "allow.mount.tmpfs",
-   "allow.mount.fdescfs",
-   "allow.mount.linprocfs",
-   "allow.mount.linsysfs",
-   "allow.reserved_ports",
+static struct bool_flags pr_flag_allow[] = {
+   {"allow.set_hostname", "allow.noset_hostname", PR_ALLOW_SET_HOSTNAME},
+   {"allow.sysvipc", "allow.nosysvipc", PR_ALLOW_SYSVIPC},
+   {"allow.raw_sockets", "allow.noraw_sockets", PR_ALLOW_RAW_SOCKETS},
+   {"allow.chflags", "allow.nochflags", PR_ALLOW_CHFLAGS},
+   {"allow.mount", "allow.nomount", PR_ALLOW_MOUNT},
+   {"allow.quotas", "allow.noquotas", PR_ALLOW_QUOTAS},
+   {"allow.socket_af", "allow.nosocket_af", PR_ALLOW_SOCKET_AF},
+   {"allow.mount.devfs", "allow.mount.nodevfs", PR_ALLOW_MOUNT_DEVFS},
+   {"allow.mount.nullfs", "allow.mount.nonullfs", PR_ALLOW_MOUNT_NULLFS},
+   {"allow.mount.zfs", "allow.mount.nozfs", PR_ALLOW_MOUNT_ZFS},
+   {"allow.mount.procfs", "allow.mount.noprocfs", PR_ALLOW_MOUNT_PROCFS},
+   {"allow.mount.tmpfs", "allow.mount.notmpfs", PR_ALLOW_MOUNT_TMPFS},
+   {"allow.mount.fdescfs", "allow.mount.nofdescfs",
+PR_ALLOW_MOUNT_FDESCFS},
+   {"allow.mount.linprocfs", "allow.mount.nolinprocfs",
+PR_ALLOW_MOUNT_LINPROCFS},
+   {"allow.mount.linsysfs", "allow.mount.nolinsysfs",
+PR_ALLOW_MOUNT_LINSYSFS},
+   {"allow.reserved_ports", "allow.noreserved_ports",
+PR_ALLOW_RESERVED_PORTS},
 };
-const size_t pr_allow_names_size = sizeof(pr_allow_names);
+const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
 
-static char *pr_allow_nonames[] = {
-   "allow.noset_hostname",
-   "allow.nosysvipc",
-   "allow.noraw_sockets",
-   "allow.nochflags",
-   "allow.nomount",
-   "allow.noquotas",
-   "allow.nosocket_af",
-   

svn commit: r330743 - in head: etc/rc.d share/man/man5

2018-03-10 Thread Jamie Gritton
Author: jamie
Date: Sat Mar 10 20:13:07 2018
New Revision: 330743
URL: https://svnweb.freebsd.org/changeset/base/330743

Log:
  Don't warn when the "hostname" rc variable is unset, but the hostname
  is already non-empty (common in jails).

Modified:
  head/etc/rc.d/hostname
  head/share/man/man5/rc.conf.5

Modified: head/etc/rc.d/hostname
==
--- head/etc/rc.d/hostname  Sat Mar 10 18:07:31 2018(r330742)
+++ head/etc/rc.d/hostname  Sat Mar 10 20:13:07 2018(r330743)
@@ -60,9 +60,11 @@ hostname_start()
# Have we got a hostname yet?
#
if [ -z "${hostname}" ]; then
-   # Null hostname is probably OK if DHCP is in use.
+   # Null hostname is probably OK if DHCP is in use,
+   # or when hostname is already set (common for jails).
#
-   if [ -z "`list_net_interfaces dhcp`" ]; then
+   if [ -z "`list_net_interfaces dhcp`" -a \
+-z "`/bin/hostname`" ]; then
warn "\$hostname is not set -- see rc.conf(5)."
fi
return
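Review bot: The extended condition in hostname_start joins two `-z` tests with `-a` inside a single `[ ]`, a form POSIX marks as obsolescent and which can parse ambiguously when an operand looks like an operator. Writing it as two bracketed tests joined by `&&` is unambiguous and also skips running `/bin/hostname` when the DHCP test already fails. hostname_start begins and ends outside this hunk.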

Modified: head/share/man/man5/rc.conf.5
==
--- head/share/man/man5/rc.conf.5   Sat Mar 10 18:07:31 2018
(r330742)
+++ head/share/man/man5/rc.conf.5   Sat Mar 10 20:13:07 2018
(r330743)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 15, 2018
+.Dd March 10, 2018
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -421,6 +421,9 @@ If
 .Xr dhclient 8
 is used to set the hostname via DHCP,
 this variable should be set to an empty string.
+Within a
+.Xr jail 8
+the hostname is generally already set and this variable may absent.
 If this value remains unset when the system is done booting
 your console login will display the default hostname of
 .Dq Amnesiac .


svn commit: r321796 - head/usr.bin/calendar/calendars

2017-07-31 Thread Jamie Gritton
Author: jamie
Date: Mon Jul 31 15:29:44 2017
New Revision: 321796
URL: https://svnweb.freebsd.org/changeset/base/321796

Log:
  Add myself to the birthday calendar.
  
  Reminded by:  mckusick

Modified:
  head/usr.bin/calendar/calendars/calendar.freebsd

Modified: head/usr.bin/calendar/calendars/calendar.freebsd
==
--- head/usr.bin/calendar/calendars/calendar.freebsdMon Jul 31 15:24:40 
2017(r321795)
+++ head/usr.bin/calendar/calendars/calendar.freebsdMon Jul 31 15:29:44 
2017(r321796)
@@ -180,6 +180,7 @@
 05/19  Sofian Brabez  born in Toulouse, France, 1984
 05/20  Dan Moschuk  died in Burlington, Ontario, Canada, 2010
 05/21  Kris Kennaway  born in Winnipeg, Manitoba, Canada, 
1978
+05/22  James Gritton  born in San Francisco, California, 
United States, 1967
 05/22  Clive Tong-I Lin  born in Changhua, Taiwan, Republic 
of China, 1978
 05/22  Michael Bushkov  born in Rostov-on-Don, Russian 
Federation, 1985
 05/22  Rui Paulo  born in Evora, Portugal, 1986


svn commit: r316023 - head/usr.sbin/jail

2017-03-27 Thread Jamie Gritton
Author: jamie
Date: Mon Mar 27 13:37:40 2017
New Revision: 316023
URL: https://svnweb.freebsd.org/changeset/base/316023

Log:
  Same as r316022 (Fix hexadecimal escape codes in jail.conf(5)),
  but do it right this time.
  
  Reported by:  Kyle Evans 
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jaillex.l

Modified: head/usr.sbin/jail/jaillex.l
==
--- head/usr.sbin/jail/jaillex.lMon Mar 27 13:27:39 2017
(r316022)
+++ head/usr.sbin/jail/jaillex.lMon Mar 27 13:37:40 2017
(r316023)
@@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *++s - '0';
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *++s + (0xA - 'A');
-   else if (s[1] >= 'a' && s[1] <= 'F')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *++s + (0xa - 'a');
else
break;
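Review bot: The three-way range test for a hexadecimal digit is written out by hand here and again for the second digit of the escape (visible in the r316022 hunks below), and the lowercase bound was mistyped in that duplicated code. A small static helper that maps a character to its value, or to -1 when it is not a hex digit, removes the duplication, so that both positions in text2lval share one set of bounds. text2lval itself starts and ends outside this hunk.
```c
/* Value of a hexadecimal digit, or -1 if c is not one. */
static int
hexval(int c)
{
	if (c >= '0' && c <= '9')
		return (c - '0');
	if (c >= 'A' && c <= 'F')
		return (c - 'A' + 0xA);
	if (c >= 'a' && c <= 'f')
		return (c - 'a' + 0xa);
	return (-1);
}
```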


svn commit: r316022 - head/usr.sbin/jail

2017-03-27 Thread Jamie Gritton
Author: jamie
Date: Mon Mar 27 13:27:39 2017
New Revision: 316022
URL: https://svnweb.freebsd.org/changeset/base/316022

Log:
  Fix hexadecimal escape codes in jail.conf(5).
  
  PR:   218154
  Submitted by: Masahiro Konishi 
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jaillex.l

Modified: head/usr.sbin/jail/jaillex.l
==
--- head/usr.sbin/jail/jaillex.lMon Mar 27 12:34:29 2017
(r316021)
+++ head/usr.sbin/jail/jaillex.lMon Mar 27 13:27:39 2017
(r316022)
@@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *++s - '0';
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *++s + (0xA - 'A');
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'F')
*d = *++s + (0xa - 'a');
else
break;
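Review bot: The first-digit test now reads `s[1] >= 'a' && s[1] <= 'F'`, which can never be true because 'a' sorts after 'F' in ASCII. Lowercase a–f is therefore still rejected as the first digit of a hex escape and parsing takes the `break`. The upper bound should be lowercase, as in the second hunk of this commit: `else if (s[1] >= 'a' && s[1] <= 'f')`. text2lval's body lies mostly outside the hunk.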
@@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *d * 0x10 + (*++s - '0');
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *d * 0x10 + (*++s + (0xA - 'A'));
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *d * 0x10 + (*++s + (0xa - 'a'));
}
}


svn commit: r310530 - head/usr.sbin/jls

2016-12-24 Thread Jamie Gritton
Author: jamie
Date: Sat Dec 24 23:51:27 2016
New Revision: 310530
URL: https://svnweb.freebsd.org/changeset/base/310530

Log:
  Improve IP address list representation in libxo output.
  
  Extract decision-making about special-case printing of certain
  jail parameters into a function.
  
  Refactor emitting of IPv4 and IPv6 address lists into a function.
  
  Resulting user-facing changes:
  
  XO_VERSION is bumped to 2.
  
  In verbose mode (-v), IPv4 and IPv6-Addresses are now properly emitted
  as separate lists.
  This only affects the output in encoding styles, i.e. xml and json.
  
  {{
"__version": "1","__version": "2",
"jail-information": {"jail-information": {
  "jail": ["jail": [
{{
  "jid": 166,  "jid": 166,
  "hostname": "foo.com",   "hostname": "foo.com",
  "path": "/var/jail/foo", "path": "/var/jail/foo",
  "name": "foo",   "name": "foo",
  "state": "ACTIVE",   "state": "ACTIVE",
  "cpusetid": 2,   "cpusetid": 2,
  "ipv4_addrs": [  "ipv4_addrs": [
"10.1.1.1",  "10.1.1.1",
"10.1.1.2",  "10.1.1.2",
"10.1.1.3",  |   "10.1.1.3"
 > ],
 > "ipv6_addrs": [
"fe80::1000:1",  "fe80::1000:1",
"fe80::1000:2"   "fe80::1000:2"
  ]]
}}
  ]]
}}
  }}
  
  In -n mode, ip4.addr and ip6.addr are formatted in the encoding styles'
  native list types, e.g. instead of comma-separated lists, JSON arrays
  are printed.
  
  jls -n all --libxo json
   ...
   "ip4.addr": [
  "10.1.1.1",
  "10.1.1.2",
  "10.1.1.3"
],
"ip4.saddrsel": true,
"ip6.addr": [
  "fe80::1000:1",
  "fe80::1000:2"
],
...
  
  jls -n all --libxo xml
...
10.1.1.1
10.1.1.2
10.1.1.3
true
fe80::1000:1
fe80::1000:2
...
  
  PR:   215008
  Submitted by: Christian Schwarz 
  Differential Revision:https://reviews.freebsd.org/D8766

Modified:
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Sat Dec 24 23:43:14 2016(r310529)
+++ head/usr.sbin/jls/jls.c Sat Dec 24 23:51:27 2016(r310530)
@@ -51,7 +51,7 @@ __FBSDID("$FreeBSD$");
 #defineJP_USER 0x0100
 #defineJP_OPT  0x0200
 
-#define JLS_XO_VERSION "1"
+#define JLS_XO_VERSION "2"
 
 #definePRINT_DEFAULT   0x01
 #definePRINT_HEADER0x02
@@ -77,7 +77,10 @@ static int sort_param(const void *a, con
 static char *noname(const char *name);
 static char *nononame(const char *name);
 static int print_jail(int pflags, int jflags);
+static int special_print(int pflags, struct jailparam *param);
 static void quoted_print(int pflags, char *name, char *value);
+static void emit_ip_addr_list(int af_family, const char *list_name,
+   struct jailparam *param);
 
 int
 main(int argc, char **argv)
@@ -379,8 +382,7 @@ print_jail(int pflags, int jflags)
 {
char *nname, *xo_nname;
char **param_values;
-   int i, ai, jid, count, n, spc;
-   char ipbuf[INET6_ADDRSTRLEN];
+   int i, jid, n, spc;
 
jid = jailparam_get(params, nparams, jflags);
if (jid < 0)
@@ -401,29 +403,13 @@ print_jail(int pflags, int jflags)
n = 6;
 #ifdef INET
if (ip4_ok && !strcmp(params[n].jp_name, "ip4.addr")) {
-   count = params[n].jp_valuelen / sizeof(struct in_addr);
-   for (ai = 0; ai < count; ai++)
-   if (inet_ntop(AF_INET,
-   &((struct in_addr *)params[n].jp_value)[ai],
-   ipbuf, sizeof(ipbuf)) == NULL)
-   xo_err(1, "inet_ntop");
-   else {
-   xo_emit("{P:
}{l:ipv4_addrs}{P:\n}", ipbuf);
-   }
+   emit_ip_addr_list(AF_INET, "ipv4_addrs", params + n);
n++;
}
 #endif
 #ifdef INET6
if (ip6_ok && !strcmp(params[n].jp_name, "ip6.addr")) {
-   count = params[n].jp_valuelen / sizeof(struct in6_addr);
-   

svn commit: r302857 - head/etc/rc.d

2016-07-14 Thread Jamie Gritton
Author: jamie
Date: Thu Jul 14 20:17:08 2016
New Revision: 302857
URL: https://svnweb.freebsd.org/changeset/base/302857

Log:
  Start jails non-parallel if jail_parallel_start is NO.  This was true
  for an explicitly specified jail list; now it's also true for all jails.
  
  PR:   209112
  MFC after:3 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Thu Jul 14 20:15:55 2016(r302856)
+++ head/etc/rc.d/jail  Thu Jul 14 20:17:08 2016(r302857)
@@ -451,6 +451,9 @@ jail_start()
command=$jail_program
rc_flags=$jail_flags
command_args="-f $jail_conf -c"
+   if ! checkyesno jail_parallel_start; then
+   command_args="$command_args -p1"
+   fi
_tmp=`mktemp -t jail` || exit 3
if $command $rc_flags $command_args >> $_tmp 2>&1; then
$jail_jls jid name | while read _id _name; do
@@ -458,7 +461,7 @@ jail_start()
echo $_id > /var/run/jail_${_name}.id
done
else
-   tail -1 $_tmp
+   cat $_tmp
fi
rm -f $_tmp
echo '.'
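Review bot: The replacement `cat $_tmp` in jail_start leaves the mktemp result unquoted, as do the two identical replacements in the jail_stop hunks that follow. The temporary file's path depends on the environment (mktemp -t honours TMPDIR), so a directory containing whitespace would split the argument; `cat "$_tmp"` avoids that. The change also prints the whole captured output rather than its last line, so it is worth confirming that nothing the jail commands write there is unsuitable for the boot console. jail_start begins and ends outside these hunks.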
@@ -545,7 +548,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command $rc_flags $command_args $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
@@ -568,7 +571,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command -q -f $_conf -r $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi


svn commit: r302856 - head/usr.sbin/jail

2016-07-14 Thread Jamie Gritton
Author: jamie
Date: Thu Jul 14 20:15:55 2016
New Revision: 302856
URL: https://svnweb.freebsd.org/changeset/base/302856

Log:
  Fix up the order in which jail creation processes are run, to preserve
  the config file's order in the non-parallel-start case.
  
  PR:   209112
  MFC after:3 days

Modified:
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/jailp.h
  head/usr.sbin/jail/state.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cThu Jul 14 19:51:54 2016
(r302855)
+++ head/usr.sbin/jail/command.cThu Jul 14 20:15:55 2016
(r302856)
@@ -92,9 +92,13 @@ next_command(struct cfjail *j)
int create_failed, stopping;
 
if (paralimit == 0) {
-   requeue(j, );
+   if (j->flags & JF_FROM_RUNQ)
+   requeue_head(j, );
+   else
+   requeue(j, );
return 1;
}
+   j->flags &= ~JF_FROM_RUNQ;
create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED;
stopping = (j->flags & JF_STOP) != 0;
comparam = *j->comparam;
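Review bot: The new JF_FROM_RUNQ branch in the `paralimit == 0` path has no comment, and why a jail goes to the head rather than the tail of the queue is not obvious from this function alone. Judging from the finish_command hunk below, the flag marks a jail that was just taken from the front of a queue, so putting it back at the head keeps the configuration-file order. A short comment above the `if` would record that, for example `/* Came from the head of the run queue: put it back there to keep config order. */`. It would also help to say why the flag is cleared only after the limit check has passed. next_command continues outside this hunk.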
@@ -160,20 +164,23 @@ next_command(struct cfjail *j)
 int
 finish_command(struct cfjail *j)
 {
+   struct cfjail *rj;
int error;
 
if (!(j->flags & JF_SLEEPQ))
return 0;
j->flags &= ~JF_SLEEPQ;
-   if (*j->comparam == IP_STOP_TIMEOUT)
-   {
+   if (*j->comparam == IP_STOP_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
j->pstatus = 0;
return 0;
}
paralimit++;
-   if (!TAILQ_EMPTY())
-   requeue(TAILQ_FIRST(), );
+   if (!TAILQ_EMPTY()) {
+   rj = TAILQ_FIRST();
+   rj->flags |= JF_FROM_RUNQ;
+   requeue(rj, );
+   }
error = 0;
if (j->flags & JF_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
@@ -259,7 +266,7 @@ next_proc(int nonblock)
 }
 
 /*
- * Run a single command for a jail, possible inside the jail.
+ * Run a single command for a jail, possibly inside the jail.
  */
 static int
 run_command(struct cfjail *j)

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Thu Jul 14 19:51:54 2016(r302855)
+++ head/usr.sbin/jail/jailp.h  Thu Jul 14 20:15:55 2016(r302856)
@@ -64,6 +64,7 @@
 #define JF_PERSIST 0x0100  /* Jail is temporarily persistent */
 #define JF_TIMEOUT 0x0200  /* A command (or process kill) timed out */
 #define JF_SLEEPQ  0x0400  /* Waiting on a command and/or timeout */
+#define JF_FROM_RUNQ   0x0800  /* Has already been on the run queue */
 
 #define JF_OP_MASK (JF_START | JF_SET | JF_STOP)
 #define JF_RESTART (JF_START | JF_STOP)
@@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void);
 extern int start_state(const char *target, int docf, unsigned state,
 int running);
 extern void requeue(struct cfjail *j, struct cfjails *queue);
+extern void requeue_head(struct cfjail *j, struct cfjails *queue);
 
 extern void yyerror(const char *);
 extern int yylex(void);

Modified: head/usr.sbin/jail/state.c
==
--- head/usr.sbin/jail/state.c  Thu Jul 14 19:51:54 2016(r302855)
+++ head/usr.sbin/jail/state.c  Thu Jul 14 20:15:55 2016(r302856)
@@ -397,6 +397,14 @@ requeue(struct cfjail *j, struct cfjails
}
 }
 
+void
+requeue_head(struct cfjail *j, struct cfjails *queue)
+{
+TAILQ_REMOVE(j->queue, j, tq);
+TAILQ_INSERT_HEAD(queue, j, tq);
+j->queue = queue;
+}
+
 /*
  * Add a dependency edge between two jails.
  */
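Review bot: requeue_head() is added without the header comment that the next function in the file has, even though it is exported through jailp.h. Something like `/* Move a jail to the head of a queue, ahead of any jails already on it. */` would do. The function also removes from `j->queue` unconditionally. The body of requeue() is not visible in this hunk, so it is worth confirming that the two agree on what state `j->queue` may be in when they are called.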


svn commit: r302855 - head/etc/rc.d

2016-07-14 Thread Jamie Gritton
Author: jamie
Date: Thu Jul 14 19:51:54 2016
New Revision: 302855
URL: https://svnweb.freebsd.org/changeset/base/302855

Log:
  Wait for jails to complete startup if jail_parallel_start is YES,
  instead of assuming they'll take less than one second.
  
  PR:   203172
  Submitted by: dmitry2...@yandex.ru

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Thu Jul 14 18:49:05 2016(r302854)
+++ head/etc/rc.d/jail  Thu Jul 14 19:51:54 2016(r302855)
@@ -440,7 +440,7 @@ jail_status()
 
 jail_start()
 {
-   local _j _jv _jid _jl _id _name
+   local _j _jv _jid _id _name
 
if [ $# = 0 ]; then
return
@@ -470,29 +470,30 @@ jail_start()
# Start jails in parallel and then check jail id when
# jail_parallel_start is YES.
#
-   _jl=
for _j in $@; do
_j=$(echo $_j | tr /. _)
_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
parse_options $_j $_jv || continue
 
-   _jl="$_jl $_j"
eval rc_flags=\${jail_${_jv}_flags:-$jail_flags}
eval command=\${jail_${_jv}_program:-$jail_program}
command_args="-i -f $_conf -c $_j"
-   $command $rc_flags $command_args \
-   >/dev/null 2>&1  /var/run/jail_${_j}.id
-   else
-   echo " cannot start jail " \
-   "\"${_hostname:-${_j}}\": "
-   fi
+   (
+   _tmp=`mktemp -t jail_${_j}` || exit 3
+   if $command $rc_flags $command_args \
+   >> $_tmp 2>&1  /var/run/jail_${_j}.id
+   else
+   echo " cannot start jail " \
+   "\"${_hostname:-${_j}}\": "
+   cat $_tmp
+   fi
+   rm -f $_tmp
+   ) &
done
+   wait
else
#
# Start jails one-by-one when jail_parallel_start is NO.
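Review bot: The `exit 3` after the new `mktemp -t jail_${_j}` now runs inside the backgrounded `( ... ) &` subshell, so it ends only that subshell. The bare `wait` added after the loop does not report any child's status, so a jail whose temporary file could not be created is skipped without a message. Printing something before leaving would keep the failure visible, for example `_tmp=`mktemp -t jail_${_j}` || { echo " cannot create temp file for jail \"$_j\""; exit 3; }`. Part of this hunk is garbled on the page (the redirection lines), so this reading should be checked against the real file. jail_start starts and ends outside the hunk.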


svn commit: r301764 - head/sys/kern

2016-06-09 Thread Jamie Gritton
Author: jamie
Date: Thu Jun  9 21:59:11 2016
New Revision: 301764
URL: https://svnweb.freebsd.org/changeset/base/301764

Log:
  Fix a vnode leak when giving a child jail a too-long path when
  debug.disablefullpath=1.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 21:57:34 2016(r301763)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 21:59:11 2016(r301764)
@@ -1010,6 +1010,7 @@ kern_jail_set(struct thread *td, struct 
if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/")
? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
error = ENAMETOOLONG;
+   vrele(root);
goto done_free;
}
}
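Review bot: The added `vrele(root)` releases the vnode by hand on this one exit, which leaves the cleanup for `root` spread over individual error branches. Another commit on this page shows `vrele(root);` sitting directly above the `done_errmsg:` label in the same function, so there may already be a cleanup label this branch could jump to instead of `done_free`. That cannot be confirmed from this hunk. If such a label exists, using it would make it harder for the next early exit after the path lookup to repeat the leak. kern_jail_set starts and ends outside this hunk.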


svn commit: r301760 - head/sys/kern

2016-06-09 Thread Jamie Gritton
Author: jamie
Date: Thu Jun  9 20:43:14 2016
New Revision: 301760
URL: https://svnweb.freebsd.org/changeset/base/301760

Log:
  Re-order some jail parameter reading to prevent a vnode leak.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 20:40:12 2016(r301759)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 20:43:14 2016(r301760)
@@ -920,6 +920,46 @@ kern_jail_set(struct thread *td, struct 
}
 #endif
 
+   error = vfs_getopt(opts, "osrelease", (void **), );
+   if (error == ENOENT)
+   osrelstr = NULL;
+   else if (error != 0)
+   goto done_free;
+   else {
+   if (flags & JAIL_UPDATE) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osrelease cannot be changed after creation");
+   goto done_errmsg;
+   }
+   if (len == 0 || len >= OSRELEASELEN) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osrelease string must be 1-%d bytes long",
+   OSRELEASELEN - 1);
+   goto done_errmsg;
+   }
+   }
+
+   error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt));
+   if (error == ENOENT)
+   osreldt = 0;
+   else if (error != 0)
+   goto done_free;
+   else {
+   if (flags & JAIL_UPDATE) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osreldate cannot be changed after creation");
+   goto done_errmsg;
+   }
+   if (osreldt == 0) {
+   error = EINVAL;
+   vfs_opterror(opts, "osreldate cannot be 0");
+   goto done_errmsg;
+   }
+   }
+
fullpath_disabled = 0;
root = NULL;
error = vfs_getopt(opts, "path", (void **), );
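Review bot: Nothing in the moved block says that its position ahead of the "path" lookup is now required. The commit message gives the reason: the `done_free` and `done_errmsg` exits taken here would otherwise be reached while a root vnode reference is presumably held. A later reader who regroups the parameter parsing could reintroduce the leak. A comment above the first `vfs_getopt` call would pin the ordering, for example `/* Keep these checks before the "path" lookup: their error exits do not release root. */`. kern_jail_set starts and ends outside this hunk.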
@@ -975,46 +1015,6 @@ kern_jail_set(struct thread *td, struct 
}
}
 
-   error = vfs_getopt(opts, "osrelease", (void **), );
-   if (error == ENOENT)
-   osrelstr = NULL;
-   else if (error != 0)
-   goto done_free;
-   else {
-   if (flags & JAIL_UPDATE) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osrelease cannot be changed after creation");
-   goto done_errmsg;
-   }
-   if (len == 0 || len >= OSRELEASELEN) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osrelease string must be 1-%d bytes long",
-   OSRELEASELEN - 1);
-   goto done_errmsg;
-   }
-   }
-
-   error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt));
-   if (error == ENOENT)
-   osreldt = 0;
-   else if (error != 0)
-   goto done_free;
-   else {
-   if (flags & JAIL_UPDATE) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osreldate cannot be changed after creation");
-   goto done_errmsg;
-   }
-   if (osreldt == 0) {
-   error = EINVAL;
-   vfs_opterror(opts, "osreldate cannot be 0");
-   goto done_errmsg;
-   }
-   }
-
/*
 * Find the specified jail, or at least its parent.
 * This abuses the file error codes ENOENT and EEXIST.


svn commit: r301758 - head/sys/kern

2016-06-09 Thread Jamie Gritton
Author: jamie
Date: Thu Jun  9 20:39:57 2016
New Revision: 301758
URL: https://svnweb.freebsd.org/changeset/base/301758

Log:
  Clean up some logic in jail error messages, replacing a missing test and
  a redundant test with a single correct test.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 20:23:30 2016(r301757)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 20:39:57 2016(r301758)
@@ -1929,19 +1929,17 @@ kern_jail_set(struct thread *td, struct 
vrele(root);
  done_errmsg:
if (error) {
-   vfs_getopt(opts, "errmsg", (void **), _len);
-   if (errmsg_len > 0) {
+   if (vfs_getopt(opts, "errmsg", (void **),
+   _len) == 0 && errmsg_len > 0) {
errmsg_pos = 2 * vfs_getopt_pos(opts, "errmsg") + 1;
-   if (errmsg_pos > 0) {
-   if (optuio->uio_segflg == UIO_SYSSPACE)
-   bcopy(errmsg,
-  optuio->uio_iov[errmsg_pos].iov_base,
-  errmsg_len);
-   else
-   copyout(errmsg,
-  optuio->uio_iov[errmsg_pos].iov_base,
-  errmsg_len);
-   }
+   if (optuio->uio_segflg == UIO_SYSSPACE)
+   bcopy(errmsg,
+   optuio->uio_iov[errmsg_pos].iov_base,
+   errmsg_len);
+   else
+   copyout(errmsg,
+   optuio->uio_iov[errmsg_pos].iov_base,
+   errmsg_len);
}
}
  done_free:
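Review bot: The return value of `copyout()` is still discarded in the rewritten block, so a failure to deliver the error string to the caller goes unnoticed. On an error path that is probably intended. The file marks deliberately ignored results elsewhere with a cast (`(void)osd_jail_call(...)` in prison_deref), so `(void)copyout(errmsg, ...)` would make the intent explicit. With the `errmsg_pos > 0` test gone, the index into `optuio->uio_iov` now relies entirely on `vfs_getopt()` having returned 0, and a one-line comment saying so would help. kern_jail_set starts outside this hunk.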


svn commit: r301745 - head/sys/kern

2016-06-09 Thread Jamie Gritton
Author: jamie
Date: Thu Jun  9 16:41:41 2016
New Revision: 301745
URL: https://svnweb.freebsd.org/changeset/base/301745

Log:
  Make sure the OSD methods for jail set and remove can't run concurrently,
  by holding allprison_lock exclusively (even if only for a moment before
  downgrading) on all paths that call PR_METHOD_REMOVE.  Since they may run
  on a downgraded lock, it's still possible for them to run concurrently
  with PR_METHOD_GET, which will need to use the prison lock.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 16:30:27 2016(r301744)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 16:41:41 2016(r301745)
@@ -2383,7 +2383,14 @@ sys_jail_attach(struct thread *td, struc
if (error)
return (error);
 
-   sx_slock(_lock);
+   /*
+* Start with exclusive hold on allprison_lock to ensure that a possible
+* PR_METHOD_REMOVE call isn't concurrent with jail_set or jail_remove.
+* But then immediately downgrade it since we don't need to stop
+* readers.
+*/
+   sx_xlock(_lock);
+   sx_downgrade(_lock);
pr = prison_find_child(td->td_ucred->cr_prison, uap->jid);
if (pr == NULL) {
sx_sunlock(_lock);
@@ -2601,9 +2608,11 @@ prison_complete(void *context, int pendi
 {
struct prison *pr = context;
 
+   sx_xlock(_lock);
mtx_lock(>pr_mtx);
prison_deref(pr, pr->pr_uref
-   ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED);
+   ? PD_DEREF | PD_DEUREF | PD_LOCKED | PD_LIST_XLOCKED
+   : PD_LOCKED | PD_LIST_XLOCKED);
 }
 
 /*
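Review bot: prison_complete() now takes allprison_lock exclusively, then the prison mutex, and returns without a visible unlock of either. Presumably prison_deref() releases both, as signalled by `PD_LOCKED` and `PD_LIST_XLOCKED`, but that is not stated here. A comment before the call would save readers from having to check prison_deref(), for example `/* prison_deref() drops pr_mtx and allprison_lock. */`.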
@@ -2647,13 +2656,8 @@ prison_deref(struct prison *pr, int flag
 */
if (lasturef) {
if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) {
-   if (ref > 1) {
-   sx_slock(_lock);
-   flags |= PD_LIST_SLOCKED;
-   } else {
-   sx_xlock(_lock);
-   flags |= PD_LIST_XLOCKED;
-   }
+   sx_xlock(_lock);
+   flags |= PD_LIST_XLOCKED;
}
(void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
mtx_lock(>pr_mtx);


svn commit: r301737 - head/sys/kern

2016-06-09 Thread Jamie Gritton
Author: jamie
Date: Thu Jun  9 15:34:33 2016
New Revision: 301737
URL: https://svnweb.freebsd.org/changeset/base/301737

Log:
  Remove a comment that was part of copied code, and is misleading in
  the new location.

Modified:
  head/sys/kern/sysv_msg.c

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cThu Jun  9 15:19:48 2016(r301736)
+++ head/sys/kern/sysv_msg.cThu Jun  9 15:34:33 2016(r301737)
@@ -320,12 +320,6 @@ msgunload()
 #endif
 
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
-   /*
-* Look for an unallocated and unlocked msqid_ds.
-* msqid_ds's can be locked by msgsnd or msgrcv while
-* they are copying the message in/out.  We can't
-* re-use the entry until they release it.
-*/
msqkptr = [msqid];
if (msqkptr->u.msg_qbytes != 0 ||
(msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0)


svn commit: r300983 - in head: lib/libc/sys sys/kern

2016-05-29 Thread Jamie Gritton
Author: jamie
Date: Mon May 30 05:21:24 2016
New Revision: 300983
URL: https://svnweb.freebsd.org/changeset/base/300983

Log:
  Mark jail(2), and the sysctls that it (and only it) uses as deprecated.
  jail(8) has long used jail_set(2), and those sysctls only cause confusion.

Modified:
  head/lib/libc/sys/jail.2
  head/sys/kern/kern_jail.c

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Mon May 30 04:48:06 2016(r300982)
+++ head/lib/libc/sys/jail.2Mon May 30 05:21:24 2016(r300983)
@@ -106,7 +106,7 @@ pointers can be set to an arrays of IPv4
 the prison, or NULL if none.
 IPv4 addresses must be in network byte order.
 .Pp
-This is equivalent to the
+This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
 system call (see below), with the parameters
 .Va path ,

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon May 30 04:48:06 2016(r300982)
+++ head/sys/kern/kern_jail.c   Mon May 30 05:21:24 2016(r300983)
@@ -4276,7 +4276,7 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vn
 #if defined(INET) || defined(INET6)
 SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW,
 _max_af_ips, 0,
-"Number of IP addresses a jail may have at most per address family");
+"Number of IP addresses a jail may have at most per address family 
(deprecated)");
 #endif
 
 /*
@@ -4316,59 +4316,59 @@ sysctl_jail_default_allow(SYSCTL_HANDLER
 SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I",
-"Processes in jail can set their hostnames");
+"Processes in jail can set their hostnames (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I",
-"Processes in jail are limited to creating UNIX/IP/route sockets only");
+"Processes in jail are limited to creating UNIX/IP/route sockets only 
(deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I",
-"Processes in jail can use System V IPC primitives");
+"Processes in jail can use System V IPC primitives (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I",
-"Prison root can create raw sockets");
+"Prison root can create raw sockets (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I",
-"Processes in jail can alter system file flags");
+"Processes in jail can alter system file flags (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I",
-"Processes in jail can mount/unmount jail-friendly file systems");
+"Processes in jail can mount/unmount jail-friendly file systems 
(deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_devfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the devfs file system");
+"Processes in jail can mount the devfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_fdescfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_FDESCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the fdescfs file system");
+"Processes in jail can mount the fdescfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the nullfs file system");
+"Processes in jail can mount the nullfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_procfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_PROCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the procfs file system");
+"Processes in jail can mount the procfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_linprocfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_LINPROCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the linprocfs file system");
+"Processes in jail can mount the linprocfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, 

svn commit: r298888 - head/usr.sbin/jail

2016-05-01 Thread Jamie Gritton
Author: jamie
Date: Sun May  1 16:48:03 2016
New Revision: 29
URL: https://svnweb.freebsd.org/changeset/base/29

Log:
  typo
  
  Submitted by: Jimmy Olgeni

Modified:
  head/usr.sbin/jail/jail.8

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Sun May  1 16:43:22 2016(r298887)
+++ head/usr.sbin/jail/jail.8   Sun May  1 16:48:03 2016(r29)
@@ -653,7 +653,7 @@ its keys.
 If set to
 .Dq disable ,
 the jail cannot perform any sysvmsg-related system calls.
-.It Va sysvsem, sysvmsg
+.It Va sysvsem, sysvshm
 Allow access to SYSV IPC semaphore and shared memory primitives, in the
 same manner as
 .Va sysvmsg.


svn commit: r298863 - in head: share/man/man5 usr.sbin/jail

2016-04-30 Thread Jamie Gritton
Author: jamie
Date: Sat Apr 30 21:27:41 2016
New Revision: 298863
URL: https://svnweb.freebsd.org/changeset/base/298863

Log:
  Clarify what happens when there is a "depend" parameter in jail.conf,
  and how this affects the "jail_list" option in rc.conf.

Modified:
  head/share/man/man5/rc.conf.5
  head/usr.sbin/jail/jail.8

Modified: head/share/man/man5/rc.conf.5
==
--- head/share/man/man5/rc.conf.5   Sat Apr 30 20:05:23 2016
(r298862)
+++ head/share/man/man5/rc.conf.5   Sat Apr 30 21:27:41 2016
(r298863)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd April 29, 2016
+.Dd April 30, 2016
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -3868,6 +3868,9 @@ The names specified in this list control
 instances missing from
 .Va jail_list
 must be started manually.
+Note that a jail's
+.Va depend
+parameter in the configuration file may override this list.
 .It Va jail_reverse_stop
 .Pq Vt bool
 When set to

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Sat Apr 30 20:05:23 2016(r298862)
+++ head/usr.sbin/jail/jail.8   Sat Apr 30 21:27:41 2016(r298863)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd April 25, 2016
+.Dd April 30, 2016
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -838,13 +838,14 @@ Allow making changes to a
 jail.
 .It Va depend
 Specify a jail (or jails) that this jail depends on.
-Any such jails must be fully created, up to the last
+When this jail is to be created, any jail(s) it depends on must already exist.
+If not, they will be created automatically, up to the completion of the last
 .Va exec.poststart
 command, before any action will taken to create this jail.
 When jails are removed the opposite is true:
-this jail must be fully removed, up to the last
+this jail will be removed, up to the last
 .Va exec.poststop
-command, before the jail(s) it depends on are stopped.
+command, before any jail(s) it depends on are stopped.
 .El
 .Sh EXAMPLES
 Jails are typically set up using one of two philosophies: either to


svn commit: r298683 - in head/sys: kern sys

2016-04-26 Thread Jamie Gritton
Author: jamie
Date: Wed Apr 27 02:25:21 2016
New Revision: 298683
URL: https://svnweb.freebsd.org/changeset/base/298683

Log:
  Delay removing the last jail reference in prison_proc_free, and instead
  put it off into the pr_task.  This is similar to prison_free, and in fact
  uses the same task even though they do something slightly different.
  
  This resolves a LOR between the process lock and allprison_lock, which
  came about in r298565.
  
  PR:   48471

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Apr 27 02:13:57 2016(r298682)
+++ head/sys/kern/kern_jail.c   Wed Apr 27 02:25:21 2016(r298683)
@@ -1328,6 +1328,7 @@ kern_jail_set(struct thread *td, struct 
 
LIST_INIT(>pr_children);
mtx_init(>pr_mtx, "jail mutex", NULL, MTX_DEF | MTX_DUPOK);
+   TASK_INIT(>pr_task, 0, prison_complete, pr);
 
 #ifdef VIMAGE
/* Allocate a new vnet if specified. */
@@ -2575,16 +2576,13 @@ prison_allow(struct ucred *cred, unsigne
 void
 prison_free_locked(struct prison *pr)
 {
+   int ref;
 
mtx_assert(>pr_mtx, MA_OWNED);
-   pr->pr_ref--;
-   if (pr->pr_ref == 0) {
-   mtx_unlock(>pr_mtx);
-   TASK_INIT(>pr_task, 0, prison_complete, pr);
-   taskqueue_enqueue(taskqueue_thread, >pr_task);
-   return;
-   }
+   ref = --pr->pr_ref;
mtx_unlock(>pr_mtx);
+   if (ref == 0)
+   taskqueue_enqueue(taskqueue_thread, >pr_task);
 }
 
 void
@@ -2595,11 +2593,17 @@ prison_free(struct prison *pr)
prison_free_locked(pr);
 }
 
+/*
+ * Complete a call to either prison_free or prison_proc_free.
+ */
 static void
 prison_complete(void *context, int pending)
 {
+   struct prison *pr = context;
 
-   prison_deref((struct prison *)context, 0);
+   mtx_lock(>pr_mtx);
+   prison_deref(pr, pr->pr_uref
+   ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED);
 }
 
 /*
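Review bot: The new header comment says prison_complete() finishes either prison_free or prison_proc_free, but not how it tells them apart. The flags passed to prison_deref() are chosen from `pr->pr_uref` alone. Non-zero is taken to mean the deferred last user reference from prison_proc_free, which also took an extra `pr_ref` per the hunk further down, and zero to mean a plain prison_free. Spelling that out in the comment would make the invariant checkable. It would also help to note that the `pending` argument is ignored because the task is expected to be queued at most once at a time, though that part is my reading and should be confirmed.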
@@ -2618,6 +2622,9 @@ prison_deref(struct prison *pr, int flag
mtx_lock(>pr_mtx);
for (;;) {
if (flags & PD_DEUREF) {
+   KASSERT(pr->pr_uref > 0,
+   ("prison_deref PD_DEUREF on a dead prison (jid=%d)",
+pr->pr_id));
pr->pr_uref--;
lasturef = pr->pr_uref == 0;
if (lasturef)
@@ -2625,8 +2632,12 @@ prison_deref(struct prison *pr, int flag
KASSERT(prison0.pr_uref != 0, ("prison0 pr_uref=0"));
} else
lasturef = 0;
-   if (flags & PD_DEREF)
+   if (flags & PD_DEREF) {
+   KASSERT(pr->pr_ref > 0,
+   ("prison_deref PD_DEREF on a dead prison (jid=%d)",
+pr->pr_id));
pr->pr_ref--;
+   }
ref = pr->pr_ref;
mtx_unlock(>pr_mtx);
 
@@ -2740,7 +2751,20 @@ prison_proc_free(struct prison *pr)
mtx_lock(>pr_mtx);
KASSERT(pr->pr_uref > 0,
("Trying to kill a process in a dead prison (jid=%d)", pr->pr_id));
-   prison_deref(pr, PD_DEUREF | PD_LOCKED);
+   if (pr->pr_uref > 1)
+   pr->pr_uref--;
+   else {
+   /*
+* Don't remove the last user reference in this context, which
+* is expected to be a process that is not only locked, but
+* also half dead.
+*/
+   pr->pr_ref++;
+   mtx_unlock(>pr_mtx);
+   taskqueue_enqueue(taskqueue_thread, >pr_task);
+   return;
+   }
+   mtx_unlock(>pr_mtx);
 }
 
 

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Wed Apr 27 02:13:57 2016(r298682)
+++ head/sys/sys/jail.h Wed Apr 27 02:25:21 2016(r298683)
@@ -149,7 +149,6 @@ struct prison_racct;
  *   (p) locked by pr_mtx
  *   (c) set only during creation before the structure is shared, no mutex
  *   required to read
- *   (d) set only during destruction of jail, no mutex needed
  */
 struct prison {
TAILQ_ENTRY(prison) pr_list;/* (a) all prisons */
@@ -161,7 +160,7 @@ struct prison {
LIST_ENTRY(prison) pr_sibling;  /* (a) next in parent's 
list */
struct prison   *pr_parent; /* (c) containing jail 
*/
struct mtx   pr_mtx;
-   struct task  pr_task;   /* (d) destroy task */
+   struct task  pr_task;   /* (c) destroy task */
struct osd   pr_osd;/* (p) additional data 
*/

svn commit: r298668 - head/sys/kern

2016-04-26 Thread Jamie Gritton
Author: jamie
Date: Tue Apr 26 21:19:12 2016
New Revision: 298668
URL: https://svnweb.freebsd.org/changeset/base/298668

Log:
  Use crcopysafe in jail_attach.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Apr 26 21:11:52 2016(r298667)
+++ head/sys/kern/kern_jail.c   Tue Apr 26 21:19:12 2016(r298668)
@@ -2405,7 +2405,6 @@ sys_jail_attach(struct thread *td, struc
 static int
 do_jail_attach(struct thread *td, struct prison *pr)
 {
-   struct prison *ppr;
struct proc *p;
struct ucred *newcred, *oldcred;
int error;
@@ -2433,7 +2432,6 @@ do_jail_attach(struct thread *td, struct
/*
 * Reparent the newly attached process to this jail.
 */
-   ppr = td->td_ucred->cr_prison;
p = td->td_proc;
error = cpuset_setproc_update_set(p, pr->pr_cpuset);
if (error)
@@ -2452,23 +2450,23 @@ do_jail_attach(struct thread *td, struct
 
newcred = crget();
PROC_LOCK(p);
-   oldcred = p->p_ucred;
-   setsugid(p);
-   crcopy(newcred, oldcred);
+   oldcred = crcopysafe(p, newcred);
newcred->cr_prison = pr;
proc_set_cred(p, newcred);
+   setsugid(p);
PROC_UNLOCK(p);
 #ifdef RACCT
racct_proc_ucred_changed(p, oldcred, newcred);
 #endif
+   prison_deref(oldcred->cr_prison, PD_DEREF | PD_DEUREF);
crfree(oldcred);
-   prison_deref(ppr, PD_DEREF | PD_DEUREF);
return (0);
+
  e_unlock:
VOP_UNLOCK(pr->pr_root, 0);
  e_revert_osd:
/* Tell modules this thread is still in its old jail after all. */
-   (void)osd_jail_call(ppr, PR_METHOD_ATTACH, td);
+   (void)osd_jail_call(td->td_ucred->cr_prison, PR_METHOD_ATTACH, td);
prison_deref(pr, PD_DEREF | PD_DEUREF);
return (error);
 }
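Review bot: The reordering puts `prison_deref(oldcred->cr_prison, ...)` before `crfree(oldcred)`, which matters because the prison pointer is now read from the credential being released, but nothing marks the order as required. A comment on that line would keep a later cleanup from swapping them back, for example `/* Must precede crfree(): oldcred may be freed there. */`. The error path uses `td->td_ucred->cr_prison` instead, which reads the thread credential rather than the process credential. These are presumably the same prison at that point, and a word confirming it would help. do_jail_attach starts outside this hunk.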


svn commit: r298656 - head/sys/kern

2016-04-26 Thread Jamie Gritton
Author: jamie
Date: Tue Apr 26 18:17:44 2016
New Revision: 298656
URL: https://svnweb.freebsd.org/changeset/base/298656

Log:
  Redo the changes to the SYSV IPC sysctl functions from r298585, so they
  don't (mis)use sbufs.
  
  PR:   48471

Modified:
  head/sys/kern/sysv_msg.c
  head/sys/kern/sysv_sem.c
  head/sys/kern/sysv_shm.c

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cTue Apr 26 18:11:45 2016(r298655)
+++ head/sys/kern/sysv_msg.cTue Apr 26 18:17:44 2016(r298656)
@@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -1423,38 +1422,28 @@ sys_msgrcv(td, uap)
 static int
 sysctl_msqids(SYSCTL_HANDLER_ARGS)
 {
-   struct sbuf sb;
-   struct msqid_kernel tmp, empty;
-   struct msqid_kernel *msqkptr;
-   struct prison *rpr;
+   struct msqid_kernel tmsqk;
+   struct prison *pr, *rpr;
int error, i;
 
-   error = sysctl_wire_old_buffer(req, 0);
-   if (error != 0)
-   goto done;
+   pr = req->td->td_ucred->cr_prison;
rpr = msg_find_prison(req->td->td_ucred);
-   sbuf_new_for_sysctl(, NULL, sizeof(struct msqid_kernel) *
-   msginfo.msgmni, req);
-
-   bzero(, sizeof(empty));
+   error = 0;
for (i = 0; i < msginfo.msgmni; i++) {
-   msqkptr = [i];
-   if (msqkptr->u.msg_qbytes == 0 || rpr == NULL ||
-   msq_prison_cansee(rpr, msqkptr) != 0) {
-   msqkptr = 
-   } else if (req->td->td_ucred->cr_prison !=
-   msqkptr->cred->cr_prison) {
-   bcopy(msqkptr, , sizeof(tmp));
-   msqkptr = 
-   msqkptr->u.msg_perm.key = IPC_PRIVATE;
+   mtx_lock(_mtx);
+   if (msqids[i].u.msg_qbytes == 0 || rpr == NULL ||
+   msq_prison_cansee(rpr, [i]) != 0)
+   bzero(, sizeof(tmsqk));
+   else {
+   tmsqk = msqids[i];
+   if (tmsqk.cred->cr_prison != pr)
+   tmsqk.u.msg_perm.key = IPC_PRIVATE;
}
-
-   sbuf_bcat(, msqkptr, sizeof(*msqkptr));
+   mtx_unlock(_mtx);
+   error = SYSCTL_OUT(req, , sizeof(tmsqk));
+   if (error != 0)
+   break;
}
-   error = sbuf_finish();
-   sbuf_delete();
-
-done:
return (error);
 }
 
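Review bot: The handler copies each `struct msqid_kernel` to the caller whole, and the visible code shows the structure holds at least one kernel pointer (`tmsqk.cred`, dereferenced in the prison comparison), so its value reaches readers of the sysctl. The previous sbuf version did the same. Since the entry is now staged in a local copy, the pointer can be cleared cheaply after the `cr_prison` test and before the `SYSCTL_OUT` call: `tmsqk.cred = NULL;`. Any other pointer members of the structure, which are not visible here, would want the same. The sysv_sem.c handler further down appears to follow the same pattern, though its hunk is cut off on this page.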
@@ -1470,7 +1459,8 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, msgssz, 
 "Size of a message segment");
 SYSCTL_INT(_kern_ipc, OID_AUTO, msgseg, CTLFLAG_RDTUN, , 0,
 "Number of message segments");
-SYSCTL_PROC(_kern_ipc, OID_AUTO, msqids, CTLTYPE_OPAQUE | CTLFLAG_RD,
+SYSCTL_PROC(_kern_ipc, OID_AUTO, msqids,
+CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE,
 NULL, 0, sysctl_msqids, "", "Message queue IDs");
 
 static int

Modified: head/sys/kern/sysv_sem.c
==
--- head/sys/kern/sysv_sem.cTue Apr 26 18:11:45 2016(r298655)
+++ head/sys/kern/sysv_sem.cTue Apr 26 18:17:44 2016(r298656)
@@ -52,7 +52,6 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -220,7 +219,8 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, semvmx, 
 "Semaphore maximum value");
 SYSCTL_INT(_kern_ipc, OID_AUTO, semaem, CTLFLAG_RWTUN, , 0,
 "Adjust on exit max value");
-SYSCTL_PROC(_kern_ipc, OID_AUTO, sema, CTLTYPE_OPAQUE | CTLFLAG_RD,
+SYSCTL_PROC(_kern_ipc, OID_AUTO, sema,
+CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE,
 NULL, 0, sysctl_sema, "", "Semaphore id pool");
 
 static struct syscall_helper_data sem_syscalls[] = {
@@ -1465,38 +1465,28 @@ semexit_myhook(void *arg, struct proc *p
 static int
 sysctl_sema(SYSCTL_HANDLER_ARGS)
 {
-   struct prison *rpr;
-   struct sbuf sb;
-   struct semid_kernel tmp, empty;
-   struct semid_kernel *semakptr;
+   struct prison *pr, *rpr;
+   struct semid_kernel tsemak;
int error, i;
 
-   error = sysctl_wire_old_buffer(req, 0);
-   if (error != 0)
-   goto done;
+   pr = req->td->td_ucred->cr_prison;
rpr = sem_find_prison(req->td->td_ucred);
-   sbuf_new_for_sysctl(, NULL, sizeof(struct semid_kernel) *
-   seminfo.semmni, req);
-
-   bzero(, sizeof(empty));
+   error = 0;
for (i = 0; i < seminfo.semmni; i++) {
-   semakptr = [i];
-   if ((semakptr->u.sem_perm.mode & SEM_ALLOC) == 0 ||
-   rpr == NULL || sem_prison_cansee(rpr, semakptr) != 0) {
-   semakptr = 
-   } else if (req->td->td_ucred->cr_prison !=
-   semakptr->cred->cr_prison) {
-   bcopy(semakptr, , sizeof(tmp));
-   

svn commit: r298597 - head/sys/kern

2016-04-25 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 22:30:10 2016
New Revision: 298597
URL: https://svnweb.freebsd.org/changeset/base/298597

Log:
  Fix the logic in r298585: shm_prison_cansee returns an errno, so is
  the opposite of a boolean.
  
  PR:   48471

Modified:
  head/sys/kern/sysv_shm.c

Modified: head/sys/kern/sysv_shm.c
==
--- head/sys/kern/sysv_shm.cMon Apr 25 22:25:57 2016(r298596)
+++ head/sys/kern/sysv_shm.cMon Apr 25 22:30:10 2016(r298597)
@@ -230,7 +230,7 @@ shm_find_segment(struct prison *rpr, int
(!shm_allow_removed &&
(shmseg->u.shm_perm.mode & SHMSEG_REMOVED) != 0) ||
(is_shmid && shmseg->u.shm_perm.seq != IPCID_TO_SEQ(arg)) ||
-   !shm_prison_cansee(rpr, shmseg))
+   shm_prison_cansee(rpr, shmseg) != 0)
return (NULL);
return (shmseg);
 }


svn commit: r298585 - in head: sys/kern usr.sbin/jail

2016-04-25 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 17:06:50 2016
New Revision: 298585
URL: https://svnweb.freebsd.org/changeset/base/298585

Log:
  Encapsulate SYSV IPC objects in jails.  Define per-module parameters
  sysvmsg, sysvsem, and sysvshm, with the following behavior:
  
  inherit: allow full access to the IPC primitives.  This is the same as
  the current setup with allow.sysvipc on.  Jails and the base system
  can see (and modify) each other's objects, which is generally considered
  a bad thing (though may be useful in some circumstances).
  
  disable: allow no access, same as the current setup with allow.sysvipc off.
  
  new: A jail may see and use the IPC objects that it has created.  It also
  gets its own IPC key namespace, so different jails may have their own
  objects using the same key value.  The parent jail (or base system) can
  see the jail's IPC objects, but not its keys.
  
  PR:   48471
  Submitted by: based on work by kikucha...@gmail.com
  MFC after:5 days

Modified:
  head/sys/kern/sysv_msg.c
  head/sys/kern/sysv_sem.c
  head/sys/kern/sysv_shm.c
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cMon Apr 25 17:01:13 2016(r298584)
+++ head/sys/kern/sysv_msg.cMon Apr 25 17:06:50 2016(r298585)
@@ -62,8 +62,11 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -80,6 +83,14 @@ static MALLOC_DEFINE(M_MSG, "msg", "SVID
 static int msginit(void);
 static int msgunload(void);
 static int sysvmsg_modload(struct module *, int, void *);
+static void msq_remove(struct msqid_kernel *);
+static struct prison *msg_find_prison(struct ucred *);
+static int msq_prison_cansee(struct prison *, struct msqid_kernel *);
+static int msg_prison_check(void *, void *);
+static int msg_prison_set(void *, void *);
+static int msg_prison_get(void *, void *);
+static int msg_prison_remove(void *, void *);
+static void msg_prison_cleanup(struct prison *);
 
 
 #ifdef MSG_DEBUG
@@ -155,6 +166,7 @@ static struct msgmap *msgmaps;  /* MSGSEG
 static struct msg *msghdrs;/* MSGTQL msg headers */
 static struct msqid_kernel *msqids;/* MSGMNI msqid_kernel struct's */
 static struct mtx msq_mtx; /* global mutex for message queues. */
+static unsigned msg_prison_slot;/* prison OSD slot */
 
 static struct syscall_helper_data msg_syscalls[] = {
SYSCALL_INIT_HELPER(msgctl),
@@ -194,7 +206,15 @@ static struct syscall_helper_data msg32_
 static int
 msginit()
 {
+   struct prison *pr;
+   void *rsv;
int i, error;
+   osd_method_t methods[PR_MAXMETHOD] = {
+   [PR_METHOD_CHECK] = msg_prison_check,
+   [PR_METHOD_SET] =   msg_prison_set,
+   [PR_METHOD_GET] =   msg_prison_get,
+   [PR_METHOD_REMOVE] =msg_prison_remove,
+   };
 
msginfo.msgmax = msginfo.msgseg * msginfo.msgssz;
msgpool = malloc(msginfo.msgmax, M_MSG, M_WAITOK);
@@ -252,6 +272,29 @@ msginit()
}
mtx_init(_mtx, "msq", NULL, MTX_DEF);
 
+   /* Set current prisons according to their allow.sysvipc. */
+   msg_prison_slot = osd_jail_register(NULL, methods);
+   rsv = osd_reserve(msg_prison_slot);
+   prison_lock();
+   (void)osd_jail_set_reserved(, msg_prison_slot, rsv, );
+   prison_unlock();
+   rsv = NULL;
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list) {
+   if (rsv == NULL)
+   rsv = osd_reserve(msg_prison_slot);
+   prison_lock(pr);
+   if ((pr->pr_allow & PR_ALLOW_SYSVIPC) && pr->pr_ref > 0) {
+   (void)osd_jail_set_reserved(pr, msg_prison_slot, rsv,
+   );
+   rsv = NULL;
+   }
+   prison_unlock(pr);
+   }
+   if (rsv != NULL)
+   osd_free_reserved(rsv);
+   sx_sunlock(_lock);
+
error = syscall_helper_register(msg_syscalls, SY_THR_STATIC_KLD);
if (error != 0)
return (error);
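Review bot: The block added to msginit calls osd_reserve() before each prison_lock() and carries an unused reservation over to the next loop iteration, but no comment explains why the allocation is split from osd_jail_set_reserved(). Presumably the reservation can sleep and so has to happen before the prison mutex is taken; a comment above the first osd_reserve(), such as `/* Reserve outside the prison lock; an unused reservation is kept for the next jail. */`, would make that ordering constraint visible. The `pr->pr_ref > 0` test, which appears to skip jails that are already going away, deserves a word in the same comment. msginit starts above this hunk and continues below it.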
@@ -292,6 +335,8 @@ msgunload()
if (msqid != msginfo.msgmni)
return (EBUSY);
 
+   if (msg_prison_slot != 0)
+   osd_jail_deregister(msg_prison_slot);
 #ifdef MAC
for (i = 0; i < msginfo.msgtql; i++)
mac_sysvmsg_destroy([i]);
@@ -366,6 +411,67 @@ msg_freehdr(msghdr)
 #endif
 }
 
+static void
+msq_remove(struct msqid_kernel *msqkptr)
+{
+   struct msg *msghdr;
+
+   racct_sub_cred(msqkptr->cred, RACCT_NMSGQ, 1);
+   racct_sub_cred(msqkptr->cred, RACCT_MSGQQUEUED, msqkptr->u.msg_qnum);
+   racct_sub_cred(msqkptr->cred, RACCT_MSGQSIZE, msqkptr->u.msg_cbytes);
+   crfree(msqkptr->cred);
+   msqkptr->cred = NULL;
+
+   /* Free the message headers */
+   msghdr = msqkptr->u.msg_first;
+

svn commit: r298584 - head/usr.sbin/jail

2016-04-25 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 17:01:13 2016
New Revision: 298584
URL: https://svnweb.freebsd.org/changeset/base/298584

Log:
  Note the existence of module-specific jail parameters, starting with the
  linux.* parameters when linux emulation is loaded.
  
  MFC after:5 days

Modified:
  head/usr.sbin/jail/jail.8

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Mon Apr 25 16:53:13 2016(r298583)
+++ head/usr.sbin/jail/jail.8   Mon Apr 25 17:01:13 2016(r298584)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 20, 2015
+.Dd April 25, 2016
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -610,6 +610,32 @@ have not had jail functionality added to
 .El
 .El
 .Pp
+Kernel modules may add their own parameters, which only exist when the
+module is loaded.
+These are typically headed under a parameter named after the module,
+with values of
+.Dq inherit
+to give the jail full use of the module,
+.Dq new
+to encapsulate the jail in some module-specific way,
+and
+.Dq disable
+to make the module unavailable to the jail.
+There also may be other parameters to define jail behavior within the module.
+Module-specific parameters include:
+.Bl -tag -width indent
+.It Va linux
+Determine how a jail's Linux emulation environment appears.
+A value of
+.Dq inherit
+will keep the same environment, and
+.Dq new
+will give the jail it's own environment (still originally inherited when
+the jail is created).
+.It Va linux.osname , linux.osrelease , linux.oss_version
+The Linux OS name, OS release, and OSS version associated with this jail.
+.El
+.Pp
 There are pseudo-parameters that are not passed to the kernel, but are
 used by
 .Nm


svn commit: r298573 - head/sys/compat/linux

2016-04-25 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 06:08:45 2016
New Revision: 298573
URL: https://svnweb.freebsd.org/changeset/base/298573

Log:
  linux_map_osrel doesn't need to be checked in linux_prison_set,
  since it already was in linux_prison_check.

Modified:
  head/sys/compat/linux/linux_mib.c

Modified: head/sys/compat/linux/linux_mib.c
==
--- head/sys/compat/linux/linux_mib.c   Mon Apr 25 05:58:32 2016
(r298572)
+++ head/sys/compat/linux/linux_mib.c   Mon Apr 25 06:08:45 2016
(r298573)
@@ -153,7 +153,8 @@ linux_map_osrel(char *osrelease, int *os
if (v < 100)
return (EINVAL);
 
-   *osrel = v;
+   if (osrel != NULL)
+   *osrel = v;
 
return (0);
 }
@@ -249,7 +250,7 @@ linux_prison_check(void *obj __unused, v
 {
struct vfsoptlist *opts = data;
char *osname, *osrelease;
-   int error, jsys, len, osrel, oss_version;
+   int error, jsys, len, oss_version;
 
/* Check that the parameters are correct. */
error = vfs_copyopt(opts, "linux", , sizeof(jsys));
@@ -280,7 +281,7 @@ linux_prison_check(void *obj __unused, v
vfs_opterror(opts, "linux.osrelease too long");
return (ENAMETOOLONG);
}
-   error = linux_map_osrel(osrelease, );
+   error = linux_map_osrel(osrelease, NULL);
if (error != 0) {
vfs_opterror(opts, "linux.osrelease format error");
return (error);
@@ -339,11 +340,7 @@ linux_prison_set(void *obj, void *data)
 */
linux_alloc_prison(pr, );
if (osrelease) {
-   error = linux_map_osrel(osrelease, >pr_osrel);
-   if (error) {
-   mtx_unlock(>pr_mtx);
-   return (error);
-   }
+   (void)linux_map_osrel(osrelease, >pr_osrel);
strlcpy(lpr->pr_osrelease, osrelease,
LINUX_MAX_UTSNAME);
}


svn commit: r298567 - head/sys/kern

2016-04-24 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 04:36:54 2016
New Revision: 298567
URL: https://svnweb.freebsd.org/changeset/base/298567

Log:
  Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX
  message queues.

Modified:
  head/sys/kern/uipc_mqueue.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Mon Apr 25 04:27:58 2016(r298566)
+++ head/sys/kern/uipc_mqueue.c Mon Apr 25 04:36:54 2016(r298567)
@@ -154,11 +154,6 @@ struct mqfs_node {
 #defineFPTOMQ(fp)  ((struct mqueue *)(((struct mqfs_node *) \
(fp)->f_data)->mn_data))
 
-struct mqfs_osd {
-   struct task mo_task;
-   const void  *mo_pr_root;
-};
-
 TAILQ_HEAD(msgq, mqueue_msg);
 
 struct mqueue;
@@ -244,9 +239,7 @@ static int  mqfs_destroy(struct mqfs_node
 static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn);
 static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn);
 static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct 
mqfs_node *pn);
-static int mqfs_prison_create(void *obj, void *data);
-static voidmqfs_prison_destructor(void *data);
-static voidmqfs_prison_remove_task(void *context, int pending);
+static int mqfs_prison_remove(void *obj, void *data);
 
 /*
  * Message queue construction and maniplation
@@ -656,9 +649,8 @@ mqfs_init(struct vfsconf *vfc)
 {
struct mqfs_node *root;
struct mqfs_info *mi;
-   struct prison *pr;
osd_method_t methods[PR_MAXMETHOD] = {
-   [PR_METHOD_CREATE] = mqfs_prison_create,
+   [PR_METHOD_REMOVE] = mqfs_prison_remove,
};
 
mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node),
@@ -686,13 +678,7 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
-
-   /* Note current jails. */
-   mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods);
-   sx_slock(_lock);
-   TAILQ_FOREACH(pr, , pr_list)
-   (void)mqfs_prison_create(pr, NULL);
-   sx_sunlock(_lock);
+   mqfs_osd_jail_slot = osd_jail_register(NULL, methods);
return (0);
 }
 
@@ -702,14 +688,11 @@ mqfs_init(struct vfsconf *vfc)
 static int
 mqfs_uninit(struct vfsconf *vfc)
 {
-   unsigned slot;
struct mqfs_info *mi;
 
if (!unloadable)
return (EOPNOTSUPP);
-   slot = mqfs_osd_jail_slot;
-   mqfs_osd_jail_slot = 0;
-   osd_jail_deregister(slot);
+   osd_jail_deregister(mqfs_osd_jail_slot);
EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
mi = _data;
mqfs_destroy(mi->mi_root);
@@ -1563,64 +1546,22 @@ mqfs_rmdir(struct vop_rmdir_args *ap)
 
 #endif /* notyet */
 
-
 /*
- * Set a destructor task with the prison's root
+ * See if this prison root is obsolete, and clean up associated queues if it 
is.
  */
 static int
-mqfs_prison_create(void *obj, void *data __unused)
-{
-   struct prison *pr = obj;
-   struct mqfs_osd *mo;
-   void *rsv;
-
-   if (pr->pr_root == pr->pr_parent->pr_root)
-   return(0);
-
-   mo = malloc(sizeof(struct mqfs_osd), M_PRISON, M_WAITOK);
-   rsv = osd_reserve(mqfs_osd_jail_slot);
-   TASK_INIT(>mo_task, 0, mqfs_prison_remove_task, mo);
-   mtx_lock(>pr_mtx);
-   mo->mo_pr_root = pr->pr_root;
-   (void)osd_jail_set_reserved(pr, mqfs_osd_jail_slot, rsv, mo);
-   mtx_unlock(>pr_mtx);
-   return (0);
-}
-
-/*
- * Queue the task for after jail/OSD locks are released
- */
-static void
-mqfs_prison_destructor(void *data)
-{
-   struct mqfs_osd *mo = data;
-
-   if (mqfs_osd_jail_slot != 0)
-   taskqueue_enqueue(taskqueue_thread, >mo_task);
-   else
-   free(mo, M_PRISON);
-}
-
-/*
- * See if this prison root is obsolete, and clean up associated queues if it is
- */
-static void
-mqfs_prison_remove_task(void *context, int pending)
+mqfs_prison_remove(void *obj, void *data __unused)
 {
-   struct mqfs_osd *mo = context;
+   const struct prison *pr = obj;
+   const struct prison *tpr;
struct mqfs_node *pn, *tpn;
-   const struct prison *pr;
-   const void *pr_root;
int found;
 
-   pr_root = mo->mo_pr_root;
found = 0;
-   sx_slock(_lock);
-   TAILQ_FOREACH(pr, , pr_list) {
-   if (pr->pr_root == pr_root)
+   TAILQ_FOREACH(tpr, , pr_list) {
+   if (tpr->pr_root == pr->pr_root && tpr != pr && tpr->pr_ref > 0)
found = 1;
}
-   sx_sunlock(_lock);
if (!found) {
/*
 * No jails are rooted in this directory anymore,
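Review bot: mqfs_prison_remove walks the prison list without taking the list lock that mqfs_prison_remove_task acquired with sx_slock(), so it depends on every caller of PR_METHOD_REMOVE already holding it. Stating that at the top of the function with `sx_assert(&allprison_lock, SX_LOCKED);` would both document the requirement and check it in debug kernels. The file already uses sx_assert() for its own lock in mqfs_search. The function body continues in the next hunk.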
@@ -1629,15 +1570,14 @@ mqfs_prison_remove_task(void *context, i
sx_xlock(_data.mi_lock);
   

svn commit: r298566 - head/sys/kern

2016-04-24 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 04:27:58 2016
New Revision: 298566
URL: https://svnweb.freebsd.org/changeset/base/298566

Log:
  Pass the current/new jail to PR_METHOD_CHECK, which pushes the call
  until after the jail is found or created.  This requires unlocking the
  jail for the call and re-locking it afterward, but that works because
  nothing in the jail has been changed yet, and other processes won't
  change the important fields as long as allprison_lock remains held.
  
  Keep better track of name vs namelc in kern_jail_set.  Name should
  always be the hierarchical name (relative to the caller), and namelc
  the last component.
  
  PR:   48471
  MFC after:5 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon Apr 25 04:24:00 2016(r298565)
+++ head/sys/kern/kern_jail.c   Mon Apr 25 04:27:58 2016(r298566)
@@ -555,7 +555,7 @@ kern_jail_set(struct thread *td, struct 
void *op;
 #endif
unsigned long hid;
-   size_t namelen, onamelen;
+   size_t namelen, onamelen, pnamelen;
int born, created, cuflags, descend, enforce;
int error, errmsg_len, errmsg_pos;
int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel;
@@ -580,7 +580,7 @@ kern_jail_set(struct thread *td, struct 
error = priv_check(td, PRIV_JAIL_ATTACH);
if (error)
return (error);
-   mypr = ppr = td->td_ucred->cr_prison;
+   mypr = td->td_ucred->cr_prison;
if ((flags & JAIL_CREATE) && mypr->pr_childmax == 0)
return (EPERM);
if (flags & ~JAIL_SET_MASK)
@@ -607,6 +607,13 @@ kern_jail_set(struct thread *td, struct 
 #endif
g_path = NULL;
 
+   cuflags = flags & (JAIL_CREATE | JAIL_UPDATE);
+   if (!cuflags) {
+   error = EINVAL;
+   vfs_opterror(opts, "no valid operation (create or update)");
+   goto done_errmsg;
+   }
+
error = vfs_copyopt(opts, "jid", , sizeof(jid));
if (error == ENOENT)
jid = 0;
@@ -1009,42 +1016,18 @@ kern_jail_set(struct thread *td, struct 
}
 
/*
-* Grab the allprison lock before letting modules check their
-* parameters.  Once we have it, do not let go so we'll have a
-* consistent view of the OSD list.
-*/
-   sx_xlock(_lock);
-   error = osd_jail_call(NULL, PR_METHOD_CHECK, opts);
-   if (error)
-   goto done_unlock_list;
-
-   /* By now, all parameters should have been noted. */
-   TAILQ_FOREACH(opt, opts, link) {
-   if (!opt->seen && strcmp(opt->name, "errmsg")) {
-   error = EINVAL;
-   vfs_opterror(opts, "unknown parameter: %s", opt->name);
-   goto done_unlock_list;
-   }
-   }
-
-   /*
-* See if we are creating a new record or updating an existing one.
+* Find the specified jail, or at least its parent.
 * This abuses the file error codes ENOENT and EEXIST.
 */
-   cuflags = flags & (JAIL_CREATE | JAIL_UPDATE);
-   if (!cuflags) {
-   error = EINVAL;
-   vfs_opterror(opts, "no valid operation (create or update)");
-   goto done_unlock_list;
-   }
pr = NULL;
-   namelc = NULL;
+   ppr = mypr;
if (cuflags == JAIL_CREATE && jid == 0 && name != NULL) {
namelc = strrchr(name, '.');
jid = strtoul(namelc != NULL ? namelc + 1 : name, , 10);
if (*p != '\0')
jid = 0;
}
+   sx_xlock(_lock);
if (jid != 0) {
/*
 * See if a requested jid already exists.  There is an
@@ -1110,6 +1093,7 @@ kern_jail_set(struct thread *td, struct 
 * and updates keyed by the name itself (where the name must exist
 * because that is the jail being updated).
 */
+   namelc = NULL;
if (name != NULL) {
namelc = strrchr(name, '.');
if (namelc == NULL)
@@ -1120,7 +1104,6 @@ kern_jail_set(struct thread *td, struct 
 * parent and child names, and make sure the parent
 * exists or matches an already found jail.
 */
-   *namelc = '\0';
if (pr != NULL) {
if (strncmp(name, ppr->pr_name, namelc - name)
|| ppr->pr_name[namelc - name] != '\0') {
@@ -1131,6 +1114,7 @@ kern_jail_set(struct thread *td, struct 
goto done_unlock_list;
}
} else {
+   *namelc = '\0';
ppr = 

svn commit: r298565 - in head/sys: kern sys

2016-04-24 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 04:24:00 2016
New Revision: 298565
URL: https://svnweb.freebsd.org/changeset/base/298565

Log:
  Add a new jail OSD method, PR_METHOD_REMOVE.  It's called when a jail is
  removed from the user perspective, i.e. when the last pr_uref goes away,
  even though the jail may still exist in the dying state.  It will also
  be called if either PR_METHOD_CREATE or PR_METHOD_SET fail.
  
  PR:   48471
  MFC after: 5 days

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon Apr 25 03:58:08 2016(r298564)
+++ head/sys/kern/kern_jail.c   Mon Apr 25 04:24:00 2016(r298565)
@@ -556,7 +556,8 @@ kern_jail_set(struct thread *td, struct 
 #endif
unsigned long hid;
size_t namelen, onamelen;
-   int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos;
+   int born, created, cuflags, descend, enforce;
+   int error, errmsg_len, errmsg_pos;
int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel;
int fi, jid, jsys, len, level;
int childmax, osreldt, rsnum, slevel;
@@ -1767,6 +1768,7 @@ kern_jail_set(struct thread *td, struct 
 * for now, so new ones will remain unseen until after the module
 * handlers have completed.
 */
+   born = pr->pr_uref == 0;
if (!created && (ch_flags & PR_PERSIST & (pr_flags ^ pr->pr_flags))) {
if (pr_flags & PR_PERSIST) {
pr->pr_ref++;
@@ -1836,15 +1838,20 @@ kern_jail_set(struct thread *td, struct 
 
/* Let the modules do their work. */
sx_downgrade(_lock);
-   if (created) {
+   if (born) {
error = osd_jail_call(pr, PR_METHOD_CREATE, opts);
if (error) {
-   prison_deref(pr, PD_LIST_SLOCKED);
+   (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
+   prison_deref(pr, created
+   ? PD_LIST_SLOCKED
+   : PD_DEREF | PD_LIST_SLOCKED);
goto done_errmsg;
}
}
error = osd_jail_call(pr, PR_METHOD_SET, opts);
if (error) {
+   if (born)
+   (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
prison_deref(pr, created
? PD_LIST_SLOCKED
: PD_DEREF | PD_LIST_SLOCKED);
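Review bot: When PR_METHOD_CREATE or PR_METHOD_SET fails for a newly born jail, PR_METHOD_REMOVE is invoked straight away, so a module's remove handler can presumably run for a jail that its own create or set handler never completed for. Nothing at either call site says that handlers must cope with that. A comment above the first added osd_jail_call(), such as `/* REMOVE handlers must tolerate a jail that was never fully set up. */`, would record the contract for module authors. kern_jail_set begins and ends outside this hunk.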
@@ -1896,7 +1903,7 @@ kern_jail_set(struct thread *td, struct 
sx_sunlock(_lock);
}
 
-   goto done_errmsg;
+   goto done_free;
 
  done_deref_locked:
prison_deref(pr, created
@@ -2596,19 +2603,46 @@ static void
 prison_deref(struct prison *pr, int flags)
 {
struct prison *ppr, *tpr;
+   int ref, lasturef;
 
if (!(flags & PD_LOCKED))
mtx_lock(>pr_mtx);
for (;;) {
if (flags & PD_DEUREF) {
pr->pr_uref--;
+   lasturef = pr->pr_uref == 0;
+   if (lasturef)
+   pr->pr_ref++;
KASSERT(prison0.pr_uref != 0, ("prison0 pr_uref=0"));
-   }
+   } else
+   lasturef = 0;
if (flags & PD_DEREF)
pr->pr_ref--;
-   /* If the prison still has references, nothing else to do. */
-   if (pr->pr_ref > 0) {
+   ref = pr->pr_ref;
+   mtx_unlock(>pr_mtx);
+
+   /*
+* Tell the modules if the last user reference was removed
+* (even it sticks around in dying state).
+*/
+   if (lasturef) {
+   if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) {
+   if (ref > 1) {
+   sx_slock(_lock);
+   flags |= PD_LIST_SLOCKED;
+   } else {
+   sx_xlock(_lock);
+   flags |= PD_LIST_XLOCKED;
+   }
+   }
+   (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
+   mtx_lock(>pr_mtx);
+   ref = --pr->pr_ref;
mtx_unlock(>pr_mtx);
+   }
+
+   /* If the prison still has references, nothing else to do. */
+   if (ref > 0) {
if (flags & PD_LIST_SLOCKED)
sx_sunlock(_lock);
else if (flags & PD_LIST_XLOCKED)
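Review bot: The temporary `pr->pr_ref++` taken when the last user reference goes away, and the choice between sx_slock() and sx_xlock() based on `ref > 1`, are both uncommented. They are what keeps the prison from being freed while pr_mtx is dropped for the PR_METHOD_REMOVE callbacks. I would add `/* Hold a reference across the REMOVE callbacks; dropped below. */` at the increment. The lock choice needs a second comment saying that the exclusive lock is taken when this call appears to be dropping the final reference. The loop continues past the end of this hunk.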
@@ -2616,7 +2650,6 @@ prison_deref(struct prison *pr, int flag
return;
}
 
-   mtx_unlock(>pr_mtx);

svn commit: r298564 - in head/sys: kern sys

2016-04-24 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 03:58:08 2016
New Revision: 298564
URL: https://svnweb.freebsd.org/changeset/base/298564

Log:
  Remove the PR_REMOVE flag, which was meant as a temporary marker for
  a jail that might be seen mid-removal.  It hasn't been doing the right
  thing since at least the ability to resurrect dying jails, and such
  resurrection also makes it unnecessary.

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon Apr 25 03:48:28 2016(r298563)
+++ head/sys/kern/kern_jail.c   Mon Apr 25 03:58:08 2016(r298564)
@@ -1222,7 +1222,7 @@ kern_jail_set(struct thread *td, struct 
}
created = 1;
mtx_lock(>pr_mtx);
-   if (ppr->pr_ref == 0 || (ppr->pr_flags & PR_REMOVE)) {
+   if (ppr->pr_ref == 0) {
mtx_unlock(>pr_mtx);
error = ENOENT;
vfs_opterror(opts, "parent jail went away!");
@@ -2273,7 +2273,6 @@ sys_jail_remove(struct thread *td, struc
 
/* Remove all descendants of this prison, then remove this prison. */
pr->pr_ref++;
-   pr->pr_flags |= PR_REMOVE;
if (!LIST_EMPTY(>pr_children)) {
mtx_unlock(>pr_mtx);
lpr = NULL;
@@ -2282,7 +2281,6 @@ sys_jail_remove(struct thread *td, struc
if (cpr->pr_ref > 0) {
tpr = cpr;
cpr->pr_ref++;
-   cpr->pr_flags |= PR_REMOVE;
} else {
/* Already removed - do not do it again. */
tpr = NULL;

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Mon Apr 25 03:48:28 2016(r298563)
+++ head/sys/sys/jail.h Mon Apr 25 03:58:08 2016(r298564)
@@ -210,7 +210,6 @@ struct prison_racct {
/* primary jail address. */
 
 /* Internal flag bits */
-#definePR_REMOVE   0x0100  /* In process of being removed 
*/
 #definePR_IP4  0x0200  /* IPv4 restricted or disabled 
*/
/* by this jail or an ancestor */
 #definePR_IP6  0x0400  /* IPv6 restricted or disabled 
*/


svn commit: r298562 - head/usr.sbin/jail

2016-04-24 Thread Jamie Gritton
Author: jamie
Date: Mon Apr 25 03:24:48 2016
New Revision: 298562
URL: https://svnweb.freebsd.org/changeset/base/298562

Log:
  Make jail(8) interpret escape codes in fstab the same as getfsent(3).
  
  PR:   208663
  MFC after:3 days

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cMon Apr 25 03:14:55 2016
(r298561)
+++ head/usr.sbin/jail/command.cMon Apr 25 03:24:48 2016
(r298562)
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 
 #include "jailp.h"
 
@@ -444,8 +445,14 @@ run_command(struct cfjail *j)
strcpy(comcs, comstring->s);
argc = 0;
for (cs = strtok(comcs, " \t\f\v\r\n"); cs && argc < 4;
-cs = strtok(NULL, " \t\f\v\r\n"))
+cs = strtok(NULL, " \t\f\v\r\n")) {
+   if (argc <= 1 && strunvis(cs, cs) < 0) {
+   jail_warnx(j, "%s: %s: fstab parse error",
+   j->intparams[comparam]->name, comstring->s);
+   return -1;
+   }
argv[argc++] = cs;
+   }
if (argc == 0)
return 0;
if (argc < 3) {
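Review bot: The `argc <= 1` guard on the new strunvis() call limits decoding to the first two fstab fields, and the call decodes in place with the same pointer as source and destination; neither choice is explained. In-place decoding relies on the decoded text never being longer than its encoded form, which is worth saying next to the call. A comment such as `/* Only fs_spec and fs_file are vis(3)-encoded, matching getfsent(3); decoded in place. */` would tell the next reader that the remaining fields are deliberately left as written. run_command starts above this hunk and continues below it.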


svn commit: r298516 - head/etc/rc.d

2016-04-23 Thread Jamie Gritton
Author: jamie
Date: Sat Apr 23 16:23:01 2016
New Revision: 298516
URL: https://svnweb.freebsd.org/changeset/base/298516

Log:
  Don't remove the /var/run/jail_name.id file if a jail fails to start.
  This messes up ezjail (and possibly others), when attempting to start
  a jail that already exists.
  
  PR:   208806
  Reviewed by:  tj
  MFC after:5 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Sat Apr 23 16:19:34 2016(r298515)
+++ head/etc/rc.d/jail  Sat Apr 23 16:23:01 2016(r298516)
@@ -489,7 +489,6 @@ jail_start()
if _jid=$($jail_jls -j $_j jid); then
echo "$_jid" > /var/run/jail_${_j}.id
else
-   rm -f /var/run/jail_${_j}.id
echo " cannot start jail " \
"\"${_hostname:-${_j}}\": "
fi
@@ -513,7 +512,6 @@ jail_start()
_jid=$($jail_jls -j $_j jid)
echo $_jid > /var/run/jail_${_j}.id
else
-   rm -f /var/run/jail_${_j}.id
echo " cannot start jail " \
"\"${_hostname:-${_j}}\": "
cat $_tmp


svn commit: r297976 - head/sys/kern

2016-04-14 Thread Jamie Gritton
Author: jamie
Date: Thu Apr 14 17:07:26 2016
New Revision: 297976
URL: https://svnweb.freebsd.org/changeset/base/297976

Log:
  Clean up some style(9) violations.

Modified:
  head/sys/kern/uipc_mqueue.c
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Thu Apr 14 17:06:37 2016(r297975)
+++ head/sys/kern/uipc_mqueue.c Thu Apr 14 17:07:26 2016(r297976)
@@ -686,7 +686,8 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
-   /* Note current jails */
+
+   /* Note current jails. */
mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods);
sx_slock(_lock);
TAILQ_FOREACH(pr, , pr_list)
@@ -1423,6 +1424,7 @@ mqfs_readdir(struct vop_readdir_args *ap
 
LIST_FOREACH(pn, >mn_children, mn_sibling) {
entry.d_reclen = sizeof(entry);
+
/*
 * Only show names within the same prison root directory
 * (or not associated with a prison, e.g. "." and "..").

Modified: head/sys/kern/uipc_sem.c
==
--- head/sys/kern/uipc_sem.cThu Apr 14 17:06:37 2016(r297975)
+++ head/sys/kern/uipc_sem.cThu Apr 14 17:07:26 2016(r297976)
@@ -271,13 +271,11 @@ ksem_fill_kinfo(struct file *fp, struct 
mtx_unlock(_lock);
if (ks->ks_path != NULL) {
sx_slock(_dict_lock);
-   if (ks->ks_path != NULL)
-   {
+   if (ks->ks_path != NULL) {
path = ks->ks_path;
pr_path = curthread->td_ucred->cr_prison->pr_path;
-   if (strcmp(pr_path, "/") != 0)
-   {
-   /* Return the jail-rooted pathname */
+   if (strcmp(pr_path, "/") != 0) {
+   /* Return the jail-rooted pathname. */
pr_pathlen = strlen(pr_path);
if (strncmp(path, pr_path, pr_pathlen) == 0 &&
path[pr_pathlen] == '/')
@@ -503,7 +501,8 @@ ksem_create(struct thread *td, const cha
} else {
path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
pr_path = td->td_ucred->cr_prison->pr_path;
-   /* Construct a full pathname for jailed callers */
+
+   /* Construct a full pathname for jailed callers. */
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(name, path + pr_pathlen,

Modified: head/sys/kern/uipc_shm.c
==
--- head/sys/kern/uipc_shm.cThu Apr 14 17:06:37 2016(r297975)
+++ head/sys/kern/uipc_shm.cThu Apr 14 17:07:26 2016(r297976)
@@ -727,7 +727,8 @@ kern_shm_open(struct thread *td, const c
} else {
path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
pr_path = td->td_ucred->cr_prison->pr_path;
-   /* Construct a full pathname for jailed callers */
+
+   /* Construct a full pathname for jailed callers. */
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(userpath, path + pr_pathlen,
@@ -1087,13 +1088,11 @@ shm_fill_kinfo(struct file *fp, struct k
kif->kf_un.kf_file.kf_file_size = shmfd->shm_size;
if (shmfd->shm_path != NULL) {
sx_slock(_dict_lock);
-   if (shmfd->shm_path != NULL)
-   {
+   if (shmfd->shm_path != NULL) {
path = shmfd->shm_path;
pr_path = curthread->td_ucred->cr_prison->pr_path;
-   if (strcmp(pr_path, "/") != 0)
-   {
-   /* Return the jail-rooted pathname */
+   if (strcmp(pr_path, "/") != 0) {
+   /* Return the jail-rooted pathname. */
pr_pathlen = strlen(pr_path);
if (strncmp(path, pr_path, pr_pathlen) == 0 &&
path[pr_pathlen] == '/')


svn commit: r297936 - head/sys/kern

2016-04-13 Thread Jamie Gritton
Author: jamie
Date: Wed Apr 13 20:15:49 2016
New Revision: 297936
URL: https://svnweb.freebsd.org/changeset/base/297936

Log:
  Separate POSIX mqueue objects in jails; actually, separate them by the
  jail's root, so jails that don't have their own filesystem directory
  also won't have their own mqueue namespace.
  
  PR:   208082

Modified:
  head/sys/kern/uipc_mqueue.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Wed Apr 13 20:14:13 2016(r297935)
+++ head/sys/kern/uipc_mqueue.c Wed Apr 13 20:15:49 2016(r297936)
@@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -60,8 +61,8 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -132,6 +133,7 @@ struct mqfs_node {
LIST_HEAD(,mqfs_node)   mn_children;
LIST_ENTRY(mqfs_node)   mn_sibling;
LIST_HEAD(,mqfs_vdata)  mn_vnodes;
+   const void  *mn_pr_root;
int mn_refcount;
mqfs_type_t mn_type;
int mn_deleted;
@@ -152,6 +154,11 @@ struct mqfs_node {
 #defineFPTOMQ(fp)  ((struct mqueue *)(((struct mqfs_node *) \
(fp)->f_data)->mn_data))
 
+struct mqfs_osd {
+   struct task mo_task;
+   const void  *mo_pr_root;
+};
+
 TAILQ_HEAD(msgq, mqueue_msg);
 
 struct mqueue;
@@ -219,6 +226,7 @@ static uma_zone_t   mvdata_zone;
 static uma_zone_t  mqnoti_zone;
 static struct vop_vector   mqfs_vnodeops;
 static struct fileops  mqueueops;
+static unsignedmqfs_osd_jail_slot;
 
 /*
  * Directory structure construction and manipulation
@@ -236,6 +244,9 @@ static int  mqfs_destroy(struct mqfs_node
 static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn);
 static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn);
 static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct 
mqfs_node *pn);
+static int mqfs_prison_create(void *obj, void *data);
+static voidmqfs_prison_destructor(void *data);
+static voidmqfs_prison_remove_task(void *context, int pending);
 
 /*
  * Message queue construction and maniplation
@@ -436,6 +447,7 @@ mqfs_create_node(const char *name, int n
 
node = mqnode_alloc();
strncpy(node->mn_name, name, namelen);
+   node->mn_pr_root = cred->cr_prison->pr_root;
node->mn_type = nodetype;
node->mn_refcount = 1;
vfs_timestamp(>mn_birth);
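Review bot: `mn_pr_root` is filled from `cred->cr_prison->pr_root` and kept as a bare `const void *`, with no reference taken in this hunk, so it is only meaningful as an identity token for comparison. A comment on the assignment, such as `/* Identity only: never dereferenced, no reference held on the root. */`, would stop a later change from treating it as a usable pointer once the jail's root has gone away. mqfs_create_node starts and ends outside this hunk.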
@@ -644,6 +656,10 @@ mqfs_init(struct vfsconf *vfc)
 {
struct mqfs_node *root;
struct mqfs_info *mi;
+   struct prison *pr;
+   osd_method_t methods[PR_MAXMETHOD] = {
+   [PR_METHOD_CREATE] = mqfs_prison_create,
+   };
 
mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
@@ -670,6 +686,12 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
+   /* Note current jails */
+   mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods);
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list)
+   (void)mqfs_prison_create(pr, NULL);
+   sx_sunlock(_lock);
return (0);
 }
 
@@ -679,10 +701,14 @@ mqfs_init(struct vfsconf *vfc)
 static int
 mqfs_uninit(struct vfsconf *vfc)
 {
+   unsigned slot;
struct mqfs_info *mi;
 
if (!unloadable)
return (EOPNOTSUPP);
+   slot = mqfs_osd_jail_slot;
+   mqfs_osd_jail_slot = 0;
+   osd_jail_deregister(slot);
EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
mi = _data;
mqfs_destroy(mi->mi_root);
@@ -800,13 +826,17 @@ found:
  * Search a directory entry
  */
 static struct mqfs_node *
-mqfs_search(struct mqfs_node *pd, const char *name, int len)
+mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred 
*cred)
 {
struct mqfs_node *pn;
+   const void *pr_root;
 
sx_assert(>mn_info->mi_lock, SX_LOCKED);
+   pr_root = cred->cr_prison->pr_root;
LIST_FOREACH(pn, >mn_children, mn_sibling) {
-   if (strncmp(pn->mn_name, name, len) == 0 &&
+   /* Only match names within the same prison root directory */
+   if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) &&
+   strncmp(pn->mn_name, name, len) == 0 &&
pn->mn_name[len] == '\0')
return (pn);
}
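Review bot: The new filter in mqfs_search also accepts nodes whose `mn_pr_root` is NULL, but the comment above it only mentions matching within the same prison root. This test is what separates one jail's queue names from another's, so the exemption should be spelled out. The readdir comment elsewhere in this file already says such nodes are ones not associated with a prison; the same wording fits here: `/* Nodes not associated with a prison (e.g. "." and "..") match for every caller. */`.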
@@ -878,7 +908,7 @@ mqfs_lookupx(struct vop_cachedlookup_arg
 
/* named node */
sx_xlock(>mi_lock);
-   pn = mqfs_search(pd, pname, namelen);
+

svn commit: r297935 - head/sys/kern

2016-04-13 Thread Jamie Gritton
Author: jamie
Date: Wed Apr 13 20:14:13 2016
New Revision: 297935
URL: https://svnweb.freebsd.org/changeset/base/297935

Log:
  Separate POSIX sem/shm objects in jails, by prepending the jail's path
  name to the object's "path".  While the objects don't have real path
  names, it's a filesystem-like namespace, which allows jails to be
  kept to their own space, but still allows the system / jail parent to
  access a jail's IPC.
  
  PR:   208082

Modified:
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c

Modified: head/sys/kern/uipc_sem.c
==
--- head/sys/kern/uipc_sem.cWed Apr 13 20:12:02 2016(r297934)
+++ head/sys/kern/uipc_sem.cWed Apr 13 20:14:13 2016(r297935)
@@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -258,7 +259,9 @@ ksem_closef(struct file *fp, struct thre
 static int
 ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
 {
+   const char *path, *pr_path;
struct ksem *ks;
+   size_t pr_pathlen;
 
kif->kf_type = KF_TYPE_SEM;
ks = fp->f_data;
@@ -269,7 +272,19 @@ ksem_fill_kinfo(struct file *fp, struct 
if (ks->ks_path != NULL) {
sx_slock(_dict_lock);
if (ks->ks_path != NULL)
-   strlcpy(kif->kf_path, ks->ks_path, 
sizeof(kif->kf_path));
+   {
+   path = ks->ks_path;
+   pr_path = curthread->td_ucred->cr_prison->pr_path;
+   if (strcmp(pr_path, "/") != 0)
+   {
+   /* Return the jail-rooted pathname */
+   pr_pathlen = strlen(pr_path);
+   if (strncmp(path, pr_path, pr_pathlen) == 0 &&
+   path[pr_pathlen] == '/')
+   path += pr_pathlen;
+   }
+   strlcpy(kif->kf_path, path, sizeof(kif->kf_path));
+   }
sx_sunlock(_dict_lock);
}
return (0);
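Review bot: When the caller is jailed and `ks->ks_path` does not begin with the prison path, the new block in ksem_fill_kinfo leaves `path` untouched and `strlcpy` copies the full host-rooted name into `kif->kf_path`. Whether a jailed process can hold a descriptor for a semaphore named outside its prison is not visible here, but if it can, this reports a path from outside the jail's view; adding `else path = "";` to the prefix test would leave the field empty in that case. The added braces also sit on their own lines, unlike the `if (...) {` form of the surrounding context lines. The function begins outside the hunk.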
@@ -449,6 +464,8 @@ ksem_create(struct thread *td, const cha
struct ksem *ks;
struct file *fp;
char *path;
+   const char *pr_path;
+   size_t pr_pathlen;
Fnv32_t fnv;
int error, fd;
 
@@ -485,10 +502,15 @@ ksem_create(struct thread *td, const cha
ks->ks_flags |= KS_ANONYMOUS;
} else {
path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
-   error = copyinstr(name, path, MAXPATHLEN, NULL);
+   pr_path = td->td_ucred->cr_prison->pr_path;
+   /* Construct a full pathname for jailed callers */
+   pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
+   : strlcpy(path, pr_path, MAXPATHLEN);
+   error = copyinstr(name, path + pr_pathlen,
+   MAXPATHLEN - pr_pathlen, NULL);
 
/* Require paths to start with a '/' character. */
-   if (error == 0 && path[0] != '/')
+   if (error == 0 && path[pr_pathlen] != '/')
error = EINVAL;
if (error) {
fdclose(td, fp, fd);
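Review bot: `pr_pathlen` is taken from the return value of `strlcpy`, which is the length of the source string rather than the number of bytes copied, so `path + pr_pathlen` and `MAXPATHLEN - pr_pathlen` are only valid while the prison path is shorter than MAXPATHLEN. That is presumably guaranteed by the size of `pr_path` in struct prison, which is not shown here; an assertion after the assignment would record the invariant, `KASSERT(pr_pathlen < MAXPATHLEN, ("prison path too long"));`. The same prefix construction is repeated in the sys_ksem_unlink hunk and begins again in the kern_shm_open hunk of uipc_shm.c, so a shared helper would keep the copies in step. ksem_create starts and ends outside the hunk.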
@@ -624,11 +646,17 @@ int
 sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap)
 {
char *path;
+   const char *pr_path;
+   size_t pr_pathlen;
Fnv32_t fnv;
int error;
 
path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
-   error = copyinstr(uap->name, path, MAXPATHLEN, NULL);
+   pr_path = td->td_ucred->cr_prison->pr_path;
+   pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
+   : strlcpy(path, pr_path, MAXPATHLEN);
+   error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen,
+   NULL);
if (error) {
free(path, M_TEMP);
return (error);
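Review bot: Unlike ksem_create, the visible part of sys_ksem_unlink does not check that the user-supplied name begins with '/', so a name without a leading slash is appended directly to the prison path and the combined string need not lie under the caller's own prefix. The rest of the function is outside the hunk and may already reject this, but if it does not, the test from ksem_create belongs right after the `copyinstr` call: `if (error == 0 && path[pr_pathlen] != '/') error = EINVAL;`.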

Modified: head/sys/kern/uipc_shm.c
==
--- head/sys/kern/uipc_shm.cWed Apr 13 20:12:02 2016(r297934)
+++ head/sys/kern/uipc_shm.cWed Apr 13 20:14:13 2016(r297935)
@@ -57,6 +57,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -687,6 +688,8 @@ kern_shm_open(struct thread *td, const c
struct shmfd *shmfd;
struct file *fp;
char *path;
+   const char *pr_path;
+   size_t pr_pathlen;
Fnv32_t fnv;
mode_t cmode;
int fd, error;
@@ -723,13 +726,18 @@ kern_shm_open(struct thread *td, const c
shmfd = shm_alloc(td->td_ucred, cmode);
} else {
path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
-   error = copyinstr(userpath, path, MAXPATHLEN, NULL);
+   pr_path = td->td_ucred->cr_prison->pr_path;
+ 

svn commit: r297424 - head/sys/compat/linux

2016-03-30 Thread Jamie Gritton
Author: jamie
Date: Wed Mar 30 17:05:04 2016
New Revision: 297424
URL: https://svnweb.freebsd.org/changeset/base/297424

Log:
  Use osd_reserve / osd_jail_set_reserved, which is known to succeed.
  Also don't work around nonexistent osd_register failure.

Modified:
  head/sys/compat/linux/linux_mib.c

Modified: head/sys/compat/linux/linux_mib.c
==
--- head/sys/compat/linux/linux_mib.c   Wed Mar 30 17:00:33 2016
(r297423)
+++ head/sys/compat/linux/linux_mib.c   Wed Mar 30 17:05:04 2016
(r297424)
@@ -168,9 +168,6 @@ linux_find_prison(struct prison *spr, st
struct prison *pr;
struct linux_prison *lpr;
 
-   if (!linux_osd_jail_slot)
-   /* In case osd_register failed. */
-   spr = 
for (pr = spr;; pr = pr->pr_parent) {
mtx_lock(>pr_mtx);
lpr = (pr == )
@@ -189,15 +186,14 @@ linux_find_prison(struct prison *spr, st
  * Ensure a prison has its own Linux info.  If lprp is non-null, point it to
  * the Linux info and lock the prison.
  */
-static int
+static void
 linux_alloc_prison(struct prison *pr, struct linux_prison **lprp)
 {
struct prison *ppr;
struct linux_prison *lpr, *nlpr;
-   int error;
+   void *rsv;
 
/* If this prison already has Linux info, return that. */
-   error = 0;
lpr = linux_find_prison(pr, );
if (ppr == pr)
goto done;
@@ -207,29 +203,24 @@ linux_alloc_prison(struct prison *pr, st
 */
mtx_unlock(>pr_mtx);
nlpr = malloc(sizeof(struct linux_prison), M_PRISON, M_WAITOK);
+   rsv = osd_reserve(linux_osd_jail_slot);
lpr = linux_find_prison(pr, );
if (ppr == pr) {
free(nlpr, M_PRISON);
+   osd_free_reserved(rsv);
goto done;
}
/* Inherit the initial values from the ancestor. */
mtx_lock(>pr_mtx);
-   error = osd_jail_set(pr, linux_osd_jail_slot, nlpr);
-   if (error == 0) {
-   bcopy(lpr, nlpr, sizeof(*lpr));
-   lpr = nlpr;
-   } else {
-   free(nlpr, M_PRISON);
-   lpr = NULL;
-   }
+   (void)osd_jail_set_reserved(pr, linux_osd_jail_slot, rsv, nlpr);
+   bcopy(lpr, nlpr, sizeof(*lpr));
+   lpr = nlpr;
mtx_unlock(>pr_mtx);
  done:
if (lprp != NULL)
*lprp = lpr;
else
mtx_unlock(>pr_mtx);
-
-   return (error);
 }
 
 /*
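Review bot: The `(void)` cast on `osd_jail_set_reserved` hides why the result can be ignored, and the lines after it now copy into and publish `nlpr` unconditionally. The osd.9 text added in r297422 says the call always succeeds when `rsv` is non-NULL, and `osd_reserve` allocates with M_WAITOK, so a short comment would carry that reasoning to the call site: `/* Cannot fail: rsv was preallocated by osd_reserve(). */`. linux_alloc_prison begins in the previous hunk.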
@@ -249,7 +240,8 @@ linux_prison_create(void *obj, void *dat
 * Inherit a prison's initial values from its parent
 * (different from JAIL_SYS_INHERIT which also inherits changes).
 */
-   return (linux_alloc_prison(pr, NULL));
+   linux_alloc_prison(pr, NULL);
+   return (0);
 }
 
 static int
@@ -345,11 +337,7 @@ linux_prison_set(void *obj, void *data)
 * "linux=new" or "linux.*":
 * the prison gets its own Linux info.
 */
-   error = linux_alloc_prison(pr, );
-   if (error) {
-   mtx_unlock(>pr_mtx);
-   return (error);
-   }
+   linux_alloc_prison(pr, );
if (osrelease) {
error = linux_map_osrel(osrelease, >pr_osrel);
if (error) {
@@ -449,21 +437,18 @@ linux_osd_jail_register(void)
 
linux_osd_jail_slot =
osd_jail_register(linux_prison_destructor, methods);
-   if (linux_osd_jail_slot > 0) {
-   /* Copy the system linux info to any current prisons. */
-   sx_xlock(_lock);
-   TAILQ_FOREACH(pr, , pr_list)
-   (void)linux_alloc_prison(pr, NULL);
-   sx_xunlock(_lock);
-   }
+   /* Copy the system linux info to any current prisons. */
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list)
+   linux_alloc_prison(pr, NULL);
+   sx_sunlock(_lock);
 }
 
 void
 linux_osd_jail_deregister(void)
 {
 
-   if (linux_osd_jail_slot)
-   osd_jail_deregister(linux_osd_jail_slot);
+   osd_jail_deregister(linux_osd_jail_slot);
 }
 
 void
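Review bot: The lock held around the `TAILQ_FOREACH` in linux_osd_jail_register changes from exclusive (`sx_xlock`) to shared (`sx_slock`), and neither the log message nor the code says why that is safe while `linux_alloc_prison` attaches new per-prison data. Presumably the `pr_mtx` taken inside linux_alloc_prison is what protects each update; if so, a comment above the walk would make that explicit: `/* Shared lock suffices: each prison is updated under its own pr_mtx. */`.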


svn commit: r297422 - in head: share/man/man9 sys/kern sys/sys

2016-03-30 Thread Jamie Gritton
Author: jamie
Date: Wed Mar 30 16:57:28 2016
New Revision: 297422
URL: https://svnweb.freebsd.org/changeset/base/297422

Log:
  Add osd_reserve() and osd_set_reserved(), which allow M_WAITOK allocation
  of an OSD array,

Modified:
  head/share/man/man9/osd.9
  head/sys/kern/kern_osd.c
  head/sys/sys/osd.h

Modified: head/share/man/man9/osd.9
==
--- head/share/man/man9/osd.9   Wed Mar 30 16:54:18 2016(r297421)
+++ head/share/man/man9/osd.9   Wed Mar 30 16:57:28 2016(r297422)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 5, 2011
+.Dd March 30, 2016
 .Dt OSD 9
 .Os
 .Sh NAME
@@ -33,6 +33,9 @@
 .Nm osd_register ,
 .Nm osd_deregister ,
 .Nm osd_set ,
+.Nm osd_reserve ,
+.Nm osd_set_reserved ,
+.Nm osd_free_reserved ,
 .Nm osd_get ,
 .Nm osd_del ,
 .Nm osd_call ,
@@ -63,6 +66,22 @@
 .Fa "void *value"
 .Fc
 .Ft void *
+.Fo osd_reserve
+.Fa "u_int slot"
+.Fc
+.Ft int
+.Fo osd_set_reserved
+.Fa "u_int type"
+.Fa "struct osd *osd"
+.Fa "u_int slot"
+.Fa "void *rsv"
+.Fa "void *value"
+.Fc
+.Ft void
+.Fo osd_free_reserved
+.Fa "void *rsv"
+.Fc
+.Ft void *
 .Fo osd_get
 .Fa "u_int type"
 .Fa "struct osd *osd"
@@ -198,6 +217,15 @@ argument points to a data object to asso
 .Fa osd .
 .Pp
 The
+.Fn osd_set_reserved
+function does the same as
+.Fn osd_set ,
+but with an extra argument
+.Fa rsv
+that is internal-use memory previously allocated via
+.Fn osd_reserve .
+.Pp
+The
 .Fn osd_get
 function returns the data pointer associated with a kernel data structure's
 .Vt struct osd
@@ -324,6 +352,24 @@ will proceed without any
 .Xr realloc 9
 calls.
 .Pp
+It is possible for
+.Fn osd_set
+to fail to allocate this array.  To ensure that such allocation succeeds,
+.Fn osd_reserve
+may be called (in a non-blocking context), and it will pre-allocate the
+memory via
+.Xr malloc 9
+with M_WAITOK.
+Then this pre-allocated memory is passed to
+.Fn osd_set_reserved ,
+which will use it if necessary or otherwise discard it.
+The memory may also be explicitly discarded by calling
+.Fn osd_free_reserved .
+As this method always allocates memory whether or not it is ultimately needed,
+it should be used only rarely, such as in the unlikely event that
+.Fn osd_set
+fails.
+.Pp
 The
 .Nm
 API is geared towards slot identifiers storing pointers to the same underlying
@@ -359,15 +405,27 @@ the kernel including most fast paths.
 returns the slot identifier for the newly registered data type.
 .Pp
 .Fn osd_set
-returns zero on success or ENOMEM if the specified type/slot identifier pair
+and
+.Fn osd_set_reserved
+return zero on success or ENOMEM if the specified type/slot identifier pair
 triggered an internal
 .Xr realloc 9
-which failed.
+which failed
+.Fn ( osd_set_reserved
+will always succeed when
+.Fa rsv
+is non-NULL).
 .Pp
 .Fn osd_get
 returns the data pointer for the specified type/slot identifier pair, or NULL 
if
 the slot has not been initialised yet.
 .Pp
+.Fn osd_reserve
+returns a pointer suitable for passing to
+.Fn osd_set_reserved
+or
+.Fn osd_free_reserved .
+.Pp
 .Fn osd_call
 returns zero if no method is run or the method for each slot runs successfully.
 If a method for a slot returns non-zero,

Modified: head/sys/kern/kern_osd.c
==
--- head/sys/kern/kern_osd.cWed Mar 30 16:54:18 2016(r297421)
+++ head/sys/kern/kern_osd.cWed Mar 30 16:57:28 2016(r297422)
@@ -54,7 +54,7 @@ struct osd_master {
struct sxosd_module_lock;
struct rmlockosd_object_lock;
struct mtx   osd_list_lock;
-   LIST_HEAD(, osd) osd_list;  /* (m) */
+   LIST_HEAD(, osd) osd_list;  /* (l) */
osd_destructor_t*osd_destructors;   /* (o) */
osd_method_t*osd_methods;   /* (m) */
u_intosd_ntslots;   /* (m) */
@@ -198,6 +198,24 @@ osd_deregister(u_int type, u_int slot)
 int
 osd_set(u_int type, struct osd *osd, u_int slot, void *value)
 {
+
+   return (osd_set_reserved(type, osd, slot, NULL, value));
+}
+
+void *
+osd_reserve(u_int slot)
+{
+
+   KASSERT(slot > 0, ("Invalid slot."));
+
+   OSD_DEBUG("Reserving slot array (slot=%u).", slot);
+   return (malloc(sizeof(void *) * slot, M_OSD, M_WAITOK | M_ZERO));
+}
+
+int
+osd_set_reserved(u_int type, struct osd *osd, u_int slot, void *rsv,
+void *value)
+{
struct rm_priotracker tracker;
 
KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type."));
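Review bot: `osd_reserve` sizes the allocation from `slot` alone, so the returned buffer is only large enough for an `osd_set_reserved` call with that slot or a lower one, and nothing in the new functions records that. The body of `osd_set_reserved` continues past this hunk, so I cannot see whether it re-checks the size; a header comment on `osd_reserve` should state the contract, e.g. `/* Returns an array of slot pointers; pass it to osd_set_reserved() with the same slot, or release it with osd_free_reserved(). */`. The only validation of `slot` is a KASSERT, which presumably compiles out of kernels built without INVARIANTS.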
@@ -206,36 +224,34 @@ osd_set(u_int type, struct osd *osd, u_i
 
rm_rlock([type].osd_object_lock, );
if (slot > osd->osd_nslots) {
+   void *newptr;
+
if (value == NULL) {
OSD_DEBUG(
"Not allocating null slot (type=%u, slot=%u).",
 

svn commit: r297367 - head/sys/kern

2016-03-28 Thread Jamie Gritton
Author: jamie
Date: Mon Mar 28 22:18:37 2016
New Revision: 297367
URL: https://svnweb.freebsd.org/changeset/base/297367

Log:
  Move the various per-type arrays of OSD data into a single structure array.

Modified:
  head/sys/kern/kern_osd.c

Modified: head/sys/kern/kern_osd.c
==
--- head/sys/kern/kern_osd.cMon Mar 28 21:51:56 2016(r297366)
+++ head/sys/kern/kern_osd.cMon Mar 28 22:18:37 2016(r297367)
@@ -44,6 +44,23 @@ __FBSDID("$FreeBSD$");
 
 /* OSD (Object Specific Data) */
 
+/*
+ * Lock key:
+ *  (m) osd_module_lock
+ *  (o) osd_object_lock
+ *  (l) osd_list_lock
+ */
+struct osd_master {
+   struct sxosd_module_lock;
+   struct rmlockosd_object_lock;
+   struct mtx   osd_list_lock;
+   LIST_HEAD(, osd) osd_list;  /* (m) */
+   osd_destructor_t*osd_destructors;   /* (o) */
+   osd_method_t*osd_methods;   /* (m) */
+   u_intosd_ntslots;   /* (m) */
+   const u_int  osd_nmethods;
+};
+
 static MALLOC_DEFINE(M_OSD, "osd", "Object Specific Data");
 
 static int osd_debug = 0;
@@ -61,25 +78,12 @@ static void do_osd_del(u_int type, struc
 int list_locked);
 
 /*
- * Lists of objects with OSD.
- *
- * Lock key:
- *  (m) osd_module_lock
- *  (o) osd_object_lock
- *  (l) osd_list_lock
+ * List of objects with OSD.
  */
-static LIST_HEAD(, osd)osd_list[OSD_LAST + 1]; /* (m) */
-static osd_method_t *osd_methods[OSD_LAST + 1];/* (m) */
-static u_int osd_nslots[OSD_LAST + 1]; /* (m) */
-static osd_destructor_t *osd_destructors[OSD_LAST + 1];/* (o) */
-static const u_int osd_nmethods[OSD_LAST + 1] = {
-   [OSD_JAIL] = PR_MAXMETHOD,
+struct osd_master osdm[OSD_LAST + 1] = {
+   [OSD_JAIL] = { .osd_nmethods = PR_MAXMETHOD },
 };
 
-static struct sx osd_module_lock[OSD_LAST + 1];
-static struct rmlock osd_object_lock[OSD_LAST + 1];
-static struct mtx osd_list_lock[OSD_LAST + 1];
-
 static void
 osd_default_destructor(void *value __unused)
 {
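Review bot: The arrays this replaces were all declared `static`, but `struct osd_master osdm[OSD_LAST + 1]` is not, so the table gains external linkage under a short global symbol name. Nothing in the visible hunks uses it from another file; if that holds for the rest of the tree, keep it file-local: `static struct osd_master osdm[OSD_LAST + 1] = {`.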
@@ -101,12 +105,12 @@ osd_register(u_int type, osd_destructor_
if (destructor == NULL)
destructor = osd_default_destructor;
 
-   sx_xlock(_module_lock[type]);
+   sx_xlock([type].osd_module_lock);
/*
 * First, we try to find unused slot.
 */
-   for (i = 0; i < osd_nslots[type]; i++) {
-   if (osd_destructors[type][i] == NULL) {
+   for (i = 0; i < osdm[type].osd_ntslots; i++) {
+   if (osdm[type].osd_destructors[i] == NULL) {
OSD_DEBUG("Unused slot found (type=%u, slot=%u).",
type, i);
break;
@@ -115,31 +119,31 @@ osd_register(u_int type, osd_destructor_
/*
 * If no unused slot was found, allocate one.
 */
-   if (i == osd_nslots[type]) {
-   osd_nslots[type]++;
-   if (osd_nmethods[type] != 0)
-   osd_methods[type] = realloc(osd_methods[type],
-   sizeof(osd_method_t) * osd_nslots[type] *
-   osd_nmethods[type], M_OSD, M_WAITOK);
-   newptr = malloc(sizeof(osd_destructor_t) * osd_nslots[type],
-   M_OSD, M_WAITOK);
-   rm_wlock(_object_lock[type]);
-   bcopy(osd_destructors[type], newptr,
+   if (i == osdm[type].osd_ntslots) {
+   osdm[type].osd_ntslots++;
+   if (osdm[type].osd_nmethods != 0)
+   osdm[type].osd_methods = realloc(osdm[type].osd_methods,
+   sizeof(osd_method_t) * osdm[type].osd_ntslots *
+   osdm[type].osd_nmethods, M_OSD, M_WAITOK);
+   newptr = malloc(sizeof(osd_destructor_t) *
+   osdm[type].osd_ntslots, M_OSD, M_WAITOK);
+   rm_wlock([type].osd_object_lock);
+   bcopy(osdm[type].osd_destructors, newptr,
sizeof(osd_destructor_t) * i);
-   free(osd_destructors[type], M_OSD);
-   osd_destructors[type] = newptr;
-   rm_wunlock(_object_lock[type]);
+   free(osdm[type].osd_destructors, M_OSD);
+   osdm[type].osd_destructors = newptr;
+   rm_wunlock([type].osd_object_lock);
OSD_DEBUG("New slot allocated (type=%u, slot=%u).",
type, i + 1);
}
 
-   osd_destructors[type][i] = destructor;
-   if (osd_nmethods[type] != 0) {
-   for (m = 0; m < osd_nmethods[type]; m++)
-   osd_methods[type][i * osd_nmethods[type] + m] =
-   methods != NULL ? methods[m] : NULL;
+   osdm[type].osd_destructors[i] = destructor;
+   if (osdm[type].osd_nmethods != 0) {
+   

svn commit: r295468 - in head: lib/libc/sys usr.sbin/jail

2016-02-10 Thread Jamie Gritton
Author: jamie
Date: Wed Feb 10 14:48:49 2016
New Revision: 295468
URL: https://svnweb.freebsd.org/changeset/base/295468

Log:
  Remove man page references to rndassociates.com, which has been taken over
  by a domain squatter.

Modified:
  head/lib/libc/sys/jail.2
  head/usr.sbin/jail/jail.8
  head/usr.sbin/jail/jail.conf.5

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Wed Feb 10 12:14:56 2016(r295467)
+++ head/lib/libc/sys/jail.2Wed Feb 10 14:48:49 2016(r295468)
@@ -405,7 +405,6 @@ system calls appeared in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R Associates
-.Dq Li http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .An James Gritton

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Wed Feb 10 12:14:56 2016(r295467)
+++ head/usr.sbin/jail/jail.8   Wed Feb 10 14:48:49 2016(r295468)
@@ -1260,7 +1260,6 @@ The configuration file was introduced in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R Associates
-.Pa http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .Pp

Modified: head/usr.sbin/jail/jail.conf.5
==
--- head/usr.sbin/jail/jail.conf.5  Wed Feb 10 12:14:56 2016
(r295467)
+++ head/usr.sbin/jail/jail.conf.5  Wed Feb 10 14:48:49 2016
(r295468)
@@ -224,7 +224,6 @@ file was added in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R Associates
-.Pa http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .Pp


svn commit: r294749 - head/etc/rc.d

2016-01-25 Thread Jamie Gritton
Author: jamie
Date: Mon Jan 25 22:14:31 2016
New Revision: 294749
URL: https://svnweb.freebsd.org/changeset/base/294749

Log:
  Allow the (old rc-style) exec_afterstart jail parameters to start numbering
  at 0, like exec_prestart and the others do.  Make param0 optional, i.e.
  still look for param1.
  
  PR:   142973
  MFC after:3 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Mon Jan 25 22:12:03 2016(r294748)
+++ head/etc/rc.d/jail  Mon Jan 25 22:14:31 2016(r294749)
@@ -32,7 +32,7 @@ need_dad_wait=
 #  Extract value from ${jail_$jv_$name} or ${jail_$name} and
 #  set it to $param.  If not defined, $defval is used.
 #  When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and
-#  $param is set by using +=.
+#  $param is set by using +=.  $num=0 is optional (params may start at 1).
 #  When $num is YN or NY, the value is interpret as boolean.
 extract_var()
 {
@@ -72,7 +72,7 @@ extract_var()
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then 
echo "  $_param += \"$_tmpargs\";"
-   else
+   elif [ $i != 0 ]; then
break;
fi
i=$(($i + 1))
@@ -202,7 +202,7 @@ parse_options()
extract_var $_jv exec_poststop exec.poststop 0 ""
 
echo "  exec.start += \"$_exec_start\";"
-   extract_var $_jv exec_afterstart exec.start 1 ""
+   extract_var $_jv exec_afterstart exec.start 0 ""
echo "  exec.stop = \"$_exec_stop\";"
 
extract_var $_jv consolelog exec.consolelog - \


svn commit: r294196 - head/usr.sbin/jail

2016-01-16 Thread Jamie Gritton
Author: jamie
Date: Sat Jan 16 22:32:57 2016
New Revision: 294196
URL: https://svnweb.freebsd.org/changeset/base/294196

Log:
  Don't bother checking an ip[46].addr netmask/prefixlen.  This is already
  handled by ifconfig, and it was doing it wrong when the parameter included
  extra ifconfig options.
  
  PR:   205926
  MFC after:5 days

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Sat Jan 16 21:24:12 2016(r294195)
+++ head/usr.sbin/jail/config.c Sat Jan 16 22:32:57 2016(r294196)
@@ -454,7 +454,7 @@ check_intparams(struct cfjail *j)
struct addrinfo hints;
struct addrinfo *ai0, *ai;
const char *hostname;
-   int gicode, defif, prefix;
+   int gicode, defif;
 #endif
 #ifdef INET
struct in_addr addr4;
@@ -597,15 +597,7 @@ check_intparams(struct cfjail *j)
strcpy(s->s, cs + 1);
s->len -= cs + 1 - s->s;
}
-   if ((cs = strchr(s->s, '/'))) {
-   prefix = strtol(cs + 1, , 10);
-   if (*ep == '.'
-   ? inet_pton(AF_INET, cs + 1, ) != 1
-   : *ep || prefix < 0 || prefix > 32) {
-   jail_warnx(j,
-   "ip4.addr: bad netmask \"%s\"", cs);
-   error = -1; 
-   }
+   if ((cs = strchr(s->s, '/')) != NULL) {
*cs = '\0';
s->len = cs - s->s;
}
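Review bot: With the check removed, nothing here looks at the text after '/' in `ip4.addr` (or in `ip6.addr` in the next hunk) before it is cut off with `*cs = '\0'`, and `error` is no longer set for a malformed suffix. The log says ifconfig handles it, which presumably means a bad value now surfaces when the jail is started rather than when the configuration is checked; a comment at the `strchr` would record that decision, e.g. `/* The netmask and any trailing ifconfig options are validated by ifconfig(8), not here. */`. check_intparams starts and ends outside the hunk.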
@@ -626,14 +618,7 @@ check_intparams(struct cfjail *j)
strcpy(s->s, cs + 1);
s->len -= cs + 1 - s->s;
}
-   if ((cs = strchr(s->s, '/'))) {
-   prefix = strtol(cs + 1, , 10);
-   if (*ep || prefix < 0 || prefix > 128) {
-   jail_warnx(j,
-   "ip6.addr: bad prefixlen \"%s\"",
-   cs);
-   error = -1; 
-   }
+   if ((cs = strchr(s->s, '/')) != NULL) {
*cs = '\0';
s->len = cs - s->s;
}


svn commit: r294183 - head/usr.sbin/jail

2016-01-16 Thread Jamie Gritton
Author: jamie
Date: Sat Jan 16 18:13:28 2016
New Revision: 294183
URL: https://svnweb.freebsd.org/changeset/base/294183

Log:
  Clear errno before calling getpw*.

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cSat Jan 16 18:11:17 2016
(r294182)
+++ head/usr.sbin/jail/command.cSat Jan 16 18:13:28 2016
(r294183)
@@ -877,6 +877,7 @@ get_user_info(struct cfjail *j, const ch
 {
const struct passwd *pwd;
 
+   errno = 0;
*pwdp = pwd = username ? getpwnam(username) : getpwuid(getuid());
if (pwd == NULL) {
if (errno)


svn commit: r292759 - head/etc/rc.d

2015-12-26 Thread Jamie Gritton
Author: jamie
Date: Sat Dec 26 23:01:34 2015
New Revision: 292759
URL: https://svnweb.freebsd.org/changeset/base/292759

Log:
  Let old-style (shell-based) jail configuration handle jail names that
  contain characters not allowed in a shell variable (such as "-").
  These will be replaced by an underscore in jail config variables,
  e.g. for jail "foo-bar" you would set "jail_foo_bar_hostname".
  
  This is separate from the current code that changes the jail names
  if they contain "." or "/".  It also doesn't apply to jails defined
  in a jail.conf file.
  
  PR:   191181
  MFC after:5 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Sat Dec 26 22:27:48 2015(r292758)
+++ head/etc/rc.d/jail  Sat Dec 26 23:01:34 2015(r292759)
@@ -28,16 +28,16 @@ extra_commands="config console status"
 
 need_dad_wait=
 
-# extract_var jail name param num defval
-#  Extract value from ${jail_$jail_$name} or ${jail_$name} and
+# extract_var jv name param num defval
+#  Extract value from ${jail_$jv_$name} or ${jail_$name} and
 #  set it to $param.  If not defined, $defval is used.
-#  When $num is [0-9]*, ${jail_$jail_$name$num} are looked up and
+#  When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and
 #  $param is set by using +=.
 #  When $num is YN or NY, the value is interpret as boolean.
 extract_var()
 {
-   local i _j _name _param _num _def _name1 _name2
-   _j=$1
+   local i _jv _name _param _num _def _name1 _name2
+   _jv=$1
_name=$2
_param=$3
_num=$4
@@ -45,7 +45,7 @@ extract_var()
 
case $_num in
YN)
-   _name1=jail_${_j}_${_name}
+   _name1=jail_${_jv}_${_name}
_name2=jail_${_name}
eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\"
if checkyesno $_name1; then
@@ -55,7 +55,7 @@ extract_var()
fi
;;
NY)
-   _name1=jail_${_j}_${_name}
+   _name1=jail_${_jv}_${_name}
_name2=jail_${_name}
eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\"
if checkyesno $_name1; then
@@ -67,7 +67,7 @@ extract_var()
[0-9]*)
i=$_num
while : ; do
-   _name1=jail_${_j}_${_name}${i}
+   _name1=jail_${_jv}_${_name}${i}
_name2=jail_${_name}${i}
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then 
@@ -79,7 +79,7 @@ extract_var()
done
;;
*)
-   _name1=jail_${_j}_${_name}
+   _name1=jail_${_jv}_${_name}
_name2=jail_${_name}
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then
@@ -89,22 +89,23 @@ extract_var()
esac
 }
 
-# parse_options _j
+# parse_options _j _jv
 #  Parse options and create a temporary configuration file if necessary.
 #
 parse_options()
 {
-   local _j _p
+   local _j _jv _p
_j=$1
+   _jv=$2
 
_confwarn=0
if [ -z "$_j" ]; then
warn "parse_options: you must specify a jail"
return
fi
-   eval _jconf=\"\${jail_${_j}_conf:-/etc/jail.${_j}.conf}\"
-   eval _rootdir=\"\$jail_${_j}_rootdir\"
-   eval _hostname=\"\$jail_${_j}_hostname\"
+   eval _jconf=\"\${jail_${_jv}_conf:-/etc/jail.${_j}.conf}\"
+   eval _rootdir=\"\$jail_${_jv}_rootdir\"
+   eval _hostname=\"\$jail_${_jv}_hostname\"
if [ -z "$_rootdir" -o \
 -z "$_hostname" ]; then
if [ -r "$_jconf" ]; then
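Review bot: The `_jconf` line still expands the raw jail name `${_j}` inside the string handed to `eval`, so only the variable-name part was switched to `_jv`; any character in the name that the shell treats specially is parsed a second time there. How `_jv` is derived is outside this hunk, but the log says it exists because names can hold characters a variable name cannot. Keeping the name out of the eval avoids the double parse: `eval _jconf=\"\$jail_${_jv}_conf\"` followed by `: "${_jconf:=/etc/jail.${_j}.conf}"`. parse_options continues past the end of the hunk.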
@@ -120,7 +121,7 @@ parse_options()
fi
return 1
fi
-   eval _ip=\"\$jail_${_j}_ip\"
+   eval _ip=\"\$jail_${_jv}_ip\"
if [ -z "$_ip" ] && ! check_kern_features vimage; then
warn "no ipaddress specified and no vimage support.  " \
"Jail $_j was ignored."
@@ -138,10 +139,10 @@ parse_options()
fi
/usr/bin/install -m 0644 -o root -g wheel /dev/null $_conf || return 1
 
-   eval : \${jail_${_j}_flags:=${jail_flags}}
-   eval _exec=\"\$jail_${_j}_exec\"
-   eval _exec_start=\"\$jail_${_j}_exec_start\"
-   eval _exec_stop=\"\$jail_${_j}_exec_stop\"
+   eval : \${jail_${_jv}_flags:=${jail_flags}}
+   eval _exec=\"\$jail_${_jv}_exec\"
+   eval _exec_start=\"\$jail_${_jv}_exec_start\"
+   eval _exec_stop=\"\$jail_${_jv}_exec_stop\"
if [ -n "${_exec}" ]; then
#   simple/backward-compatible execution
_exec_start="${_exec}"
@@ -155,20 +156,20 @@ parse_options()
fi
fi
fi
-   eval 

svn commit: r292277 - head/sys/kern

2015-12-15 Thread Jamie Gritton
Author: jamie
Date: Tue Dec 15 17:25:00 2015
New Revision: 292277
URL: https://svnweb.freebsd.org/changeset/base/292277

Log:
  Fix jail name checking that disallowed anything that starts with '0'.
  The intention was to just limit leading zeroes on numeric names.  That
  check is now improved to also catch the leading spaces and '+' that
  strtoul can pass through.
  
  PR:   204897
  MFC after:3 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Dec 15 16:04:45 2015(r292276)
+++ head/sys/kern/kern_jail.c   Tue Dec 15 17:25:00 2015(r292277)
@@ -1580,11 +1580,14 @@ kern_jail_set(struct thread *td, struct 
 #endif
onamelen = namelen = 0;
if (name != NULL) {
-   /* Give a default name of the jid. */
+   /* Give a default name of the jid.  Also allow the name to be
+* explicitly the jid - but not any other number, and only in
+* normal form (no leading zero/etc).
+*/
if (name[0] == '\0')
snprintf(name = numbuf, sizeof(numbuf), "%d", jid);
-   else if (*namelc == '0' || (strtoul(namelc, , 10) != jid &&
-   *p == '\0')) {
+   else if ((strtoul(namelc, , 10) != jid ||
+ namelc[0] < '1' || namelc[0] > '9') && *p == '\0') {
error = EINVAL;
vfs_opterror(opts,
"name cannot be numeric (unless it is the jid)");
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"


svn commit: r287012 - in head/bin/pkill: . tests

2015-08-21 Thread Jamie Gritton
Author: jamie
Date: Sat Aug 22 05:04:36 2015
New Revision: 287012
URL: https://svnweb.freebsd.org/changeset/base/287012

Log:
  Make pkill/pgrep -j ARG take jname, not just jid.
  
  PR:   201588
  Submitted by: Daniel Shahaf danielsh at apache.org
  MFC after:3 days

Modified:
  head/bin/pkill/Makefile
  head/bin/pkill/Makefile.depend
  head/bin/pkill/pkill.1
  head/bin/pkill/pkill.c
  head/bin/pkill/tests/pgrep-j_test.sh
  head/bin/pkill/tests/pkill-j_test.sh

Modified: head/bin/pkill/Makefile
==
--- head/bin/pkill/Makefile Sat Aug 22 03:29:12 2015(r287011)
+++ head/bin/pkill/Makefile Sat Aug 22 05:04:36 2015(r287012)
@@ -5,7 +5,7 @@
 
 PROG=  pkill
 
-LIBADD=kvm
+LIBADD=kvm jail
 
 LINKS= ${BINDIR}/pkill ${BINDIR}/pgrep
 MLINKS=pkill.1 pgrep.1

Modified: head/bin/pkill/Makefile.depend
==
--- head/bin/pkill/Makefile.depend  Sat Aug 22 03:29:12 2015
(r287011)
+++ head/bin/pkill/Makefile.depend  Sat Aug 22 05:04:36 2015
(r287012)
@@ -9,6 +9,7 @@ DIRDEPS = \
lib/${CSU_DIR} \
lib/libc \
lib/libcompiler_rt \
+   lib/libjail \
lib/libkvm \
 
 

Modified: head/bin/pkill/pkill.1
==
--- head/bin/pkill/pkill.1  Sat Aug 22 03:29:12 2015(r287011)
+++ head/bin/pkill/pkill.1  Sat Aug 22 05:04:36 2015(r287012)
@@ -29,7 +29,7 @@
 .\ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\ POSSIBILITY OF SUCH DAMAGE.
 .\
-.Dd August 9, 2013
+.Dd August 21, 2015
 .Dt PKILL 1
 .Os
 .Sh NAME
@@ -47,7 +47,7 @@
 .Op Fl c Ar class
 .Op Fl d Ar delim
 .Op Fl g Ar pgrp
-.Op Fl j Ar jid
+.Op Fl j Ar jail
 .Op Fl s Ar sid
 .Op Fl t Ar tty
 .Op Fl u Ar euid
@@ -63,7 +63,7 @@
 .Op Fl U Ar uid
 .Op Fl c Ar class
 .Op Fl g Ar pgrp
-.Op Fl j Ar jid
+.Op Fl j Ar jail
 .Op Fl s Ar sid
 .Op Fl t Ar tty
 .Op Fl u Ar euid
@@ -149,16 +149,16 @@ or
 command.
 .It Fl i
 Ignore case distinctions in both the process table and the supplied pattern.
-.It Fl j Ar jid
-Restrict matches to processes inside jails with a jail ID in the 
comma-separated
-list
-.Ar jid .
-The value
+.It Fl j Ar jail
+Restrict matches to processes inside the specified jails.
+The argument
+.Ar jail
+may be
 .Dq Li any
-matches processes in any jail.
-The value
+to match processes in any jail,
 .Dq Li none
-matches processes not in jail.
+to match processes not in jail,
+or a comma-separated list of jail IDs or names.
 .It Fl l
 Long output.
 For

Modified: head/bin/pkill/pkill.c
==
--- head/bin/pkill/pkill.c  Sat Aug 22 03:29:12 2015(r287011)
+++ head/bin/pkill/pkill.c  Sat Aug 22 05:04:36 2015(r287012)
@@ -59,6 +59,7 @@ __FBSDID($FreeBSD$);
 #include grp.h
 #include errno.h
 #include locale.h
+#include jail.h
 
 #defineSTATUS_MATCH0
 #defineSTATUS_NOMATCH  1
@@ -78,7 +79,7 @@ enum listtype {
LT_GROUP,
LT_TTY,
LT_PGRP,
-   LT_JID,
+   LT_JAIL,
LT_SID,
LT_CLASS
 };
@@ -245,7 +246,7 @@ main(int argc, char **argv)
cflags |= REG_ICASE;
break;
case 'j':
-   makelist(jidlist, LT_JID, optarg);
+   makelist(jidlist, LT_JAIL, optarg);
criteria = 1;
break;
case 'l':
@@ -585,7 +586,7 @@ usage(void)
 
fprintf(stderr,
usage: %s %s [-F pidfile] [-G gid] [-M core] [-N system]\n
-[-P ppid] [-U uid] [-c class] [-g pgrp] [-j 
jid]\n
+[-P ppid] [-U uid] [-c class] [-g pgrp] [-j 
jail]\n
 [-s sid] [-t tty] [-u euid] pattern ...\n,
getprogname(), ustr);
 
@@ -700,7 +701,7 @@ makelist(struct listhead *head, enum lis
if (li-li_number == 0)
li-li_number = getsid(mypid);
break;
-   case LT_JID:
+   case LT_JAIL:
if (li-li_number  0)
errx(STATUS_BADUSAGE,
 Negative jail ID `%s', sp);
@@ -766,15 +767,20 @@ foundtty: if ((st.st_mode  S_IFCHR) ==
 
li-li_number = st.st_rdev;
break;
-   case LT_JID:
+   case LT_JAIL: {
+   int jid;
+
if (strcmp(sp, none) == 0)
li-li_number = 0;
else if (strcmp(sp, any) == 0)

svn commit: r285420 - head/usr.sbin/jexec

2015-07-12 Thread Jamie Gritton
Author: jamie
Date: Sun Jul 12 17:03:50 2015
New Revision: 285420
URL: https://svnweb.freebsd.org/changeset/base/285420

Log:
  Run a shell in the jail when no command is specified.
  Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
  Change the GET_USER_INFO macro into a function.
  
  PR:   201300
  Submitted by: Willem Jan Withagen
  MFC after:3 days

Modified:
  head/usr.sbin/jexec/jexec.8
  head/usr.sbin/jexec/jexec.c

Modified: head/usr.sbin/jexec/jexec.8
==
--- head/usr.sbin/jexec/jexec.8 Sun Jul 12 15:24:05 2015(r285419)
+++ head/usr.sbin/jexec/jexec.8 Sun Jul 12 17:03:50 2015(r285420)
@@ -25,7 +25,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd May 27, 2009
+.Dd Jul 11, 2015
 .Dt JEXEC 8
 .Os
 .Sh NAME
@@ -33,8 +33,9 @@
 .Nd execute a command inside an existing jail
 .Sh SYNOPSIS
 .Nm
+.Op Fl l
 .Op Fl u Ar username | Fl U Ar username
-.Ar jail command ...
+.Ar jail Op Ar command ...
 .Sh DESCRIPTION
 The
 .Nm
@@ -43,9 +44,17 @@ utility executes
 inside the
 .Ar jail
 identified by its jid or name.
+If
+.Ar command
+is not specified then the user's shell is used.
 .Pp
 The following options are available:
 .Bl -tag -width indent
+.It Fl l
+Execute in a clean environment.
+The environment is discarded except for
+.Ev HOME , SHELL , TERM , USER ,
+and anything from the login class capability database for the user.
 .It Fl u Ar username
 The user name from host environment as whom the
 .Ar command

Modified: head/usr.sbin/jexec/jexec.c
==
--- head/usr.sbin/jexec/jexec.c Sun Jul 12 15:24:05 2015(r285419)
+++ head/usr.sbin/jexec/jexec.c Sun Jul 12 17:03:50 2015(r285420)
@@ -40,49 +40,37 @@
 #include jail.h
 #include limits.h
 #include login_cap.h
+#include paths.h
+#include pwd.h
 #include stdio.h
 #include stdlib.h
 #include string.h
-#include pwd.h
 #include unistd.h
 
-static voidusage(void);
+extern char **environ;
 
-#define GET_USER_INFO do { \
-   pwd = getpwnam(username);   \
-   if (pwd == NULL) {  \
-   if (errno)  \
-   err(1, getpwnam: %s, username);   \
-   else\
-   errx(1, %s: no such user, username);  \
-   }   \
-   lcap = login_getpwclass(pwd);   \
-   if (lcap == NULL)   \
-   err(1, getpwclass: %s, username); \
-   ngroups = ngroups_max;  \
-   if (getgrouplist(username, pwd-pw_gid, groups, ngroups) != 0) \
-   err(1, getgrouplist: %s, username);   \
-} while (0)
+static voidget_user_info(const char *username, const struct passwd **pwdp,
+login_cap_t **lcapp);
+static voidusage(void);
 
 int
 main(int argc, char *argv[])
 {
int jid;
login_cap_t *lcap = NULL;
-   struct passwd *pwd = NULL;
-   gid_t *groups = NULL;
-   int ch, ngroups, uflag, Uflag;
-   long ngroups_max;
-   char *username;
+   int ch, clean, uflag, Uflag;
+   char *cleanenv;
+   const struct passwd *pwd = NULL;
+   const char *username, *shell, *term;
 
-   ch = uflag = Uflag = 0;
+   ch = clean = uflag = Uflag = 0;
username = NULL;
-   ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
-   if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
-   err(1, malloc);
 
-   while ((ch = getopt(argc, argv, nu:U:)) != -1) {
+   while ((ch = getopt(argc, argv, lnu:U:)) != -1) {
switch (ch) {
+   case 'l':
+   clean = 1;
+   break;
case 'n':
/* Specified name, now unused */
break;
@@ -100,12 +88,15 @@ main(int argc, char *argv[])
}
argc -= optind;
argv += optind;
-   if (argc  2)
+   if (argc  1)
usage();
if (uflag  Uflag)
usage();
-   if (uflag)
-   GET_USER_INFO;
+   if (uflag || (clean  !Uflag))
+   /* User info from the home environment */
+   get_user_info(username, pwd, lcap);
+
+   /* Attach to the jail */
jid = jail_getid(argv[0]);
if (jid  0)
errx(1, %s, jail_errmsg);
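Review bot: The new `if (uflag || …)` guard has a body made of a comment line plus the `get_user_info()` call and no braces, which is easy to break when a second statement is added; wrap the body in `{ … }`. With `-l` alone, `username` is still NULL when `get_user_info()` is called, so that function has to fall back to the invoking user. Its definition is outside this hunk, so confirm it handles NULL before reaching `getpwnam()`. The comment probably means "host environment" rather than "home environment", matching the wording in jexec.8.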
@@ -113,28 +104,88 @@ main(int argc, char *argv[])
err(1, jail_attach(%d), jid);
if (chdir(/) == -1)
err(1, chdir(): /);
-   if (username != NULL) {
+
+   /* 

svn commit: r279123 - head/usr.sbin/jls

2015-02-21 Thread Jamie Gritton
Author: jamie
Date: Sun Feb 22 00:00:10 2015
New Revision: 279123
URL: https://svnweb.freebsd.org/changeset/base/279123

Log:
  Allow for parameters added with the JP_OPT flag to not exist.
  That's why the flag exists in the first place.
  
  MFC after:1 week

Modified:
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Sat Feb 21 23:47:20 2015(r279122)
+++ head/usr.sbin/jls/jls.c Sun Feb 22 00:00:10 2015(r279123)
@@ -294,10 +294,8 @@ add_param(const char *name, void *value,
param-jp_flags |= flags;
return param - params;
}
-   if (jailparam_init(param, name)  0)
-   errx(1, %s, jail_errmsg);
-   param-jp_flags = flags;
-   if ((value != NULL ? jailparam_import_raw(param, value, valuelen)
+   if (jailparam_init(param, name)  0 ||
+   (value != NULL ? jailparam_import_raw(param, value, valuelen)
 : jailparam_import(param, value))  0) {
if (flags  JP_OPT) {
nparams--;
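Review bot: When `jailparam_init()` succeeds but the import then fails for a `JP_OPT` parameter, the slot is abandoned with `nparams--` and nothing visible releases what the init call set up in `param`. Consider calling `jailparam_free(param, 1);` on that path only, since a failed init may leave `param` in a state that must not be freed; whether init allocates anything is not shown here, so check against libjail. Folding both calls into one condition also means a failed init now reports through the same `errx()` as a failed import, which holds only if both set `jail_errmsg`. The rest of add_param lies outside this hunk.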
@@ -305,6 +303,7 @@ add_param(const char *name, void *value,
}
errx(1, %s, jail_errmsg);
}
+   param-jp_flags = flags;
return param - params;
 }
 


svn commit: r279081 - head/usr.sbin/jls

2015-02-20 Thread Jamie Gritton
Author: jamie
Date: Fri Feb 20 19:48:24 2015
New Revision: 279081
URL: https://svnweb.freebsd.org/changeset/base/279081

Log:
  Allow parameters listed on the command line to override the -v option,
  instead of crashing.
  
  PR:   197701
  MFC after:1 week

Modified:
  head/usr.sbin/jls/jls.8
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.8
==
--- head/usr.sbin/jls/jls.8 Fri Feb 20 19:44:02 2015(r279080)
+++ head/usr.sbin/jls/jls.8 Fri Feb 20 19:48:24 2015(r279081)
@@ -92,7 +92,8 @@ skipping read-only and unused parameters
 Implies
 .Fl nq .
 .It Fl v
-Print a multiple-line summary per jail, with the following parameters:
+Extend the standard display with a multiple-line summary per jail,
+containing the following parameters:
 jail identifier (jid), hostname (host.hostname), path (path),
 jail name (name), jail state (dying), cpuset ID (cpuset),
 IP address(es) (ip4.addr and ip6.addr).

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Fri Feb 20 19:44:02 2015(r279080)
+++ head/usr.sbin/jls/jls.c Fri Feb 20 19:48:24 2015(r279081)
@@ -166,10 +166,12 @@ main(int argc, char **argv)
JP_USER);
add_param(path, NULL, (size_t)0, NULL, JP_USER);
}
-   } else
+   } else {
+   pflags = ~PRINT_VERBOSE;
while (optind  argc)
add_param(argv[optind++], NULL, (size_t)0, NULL,
JP_USER);
+   }
 
if (pflags  PRINT_SKIP) {
/* Check for parameters with jailsys parents. */
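Review bot: The added `PRINT_VERBOSE` mask in the new `else { … }` branch silently drops `-v` whenever parameters are named on the command line, and nothing in the code says why. A one-line comment above it, such as `/* Explicitly listed parameters replace the -v summary. */`, would record the intent that today lives only in the commit log. main continues outside this hunk.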


svn commit: r279083 - head/usr.sbin/jls

2015-02-20 Thread Jamie Gritton
Author: jamie
Date: Fri Feb 20 20:12:05 2015
New Revision: 279083
URL: https://svnweb.freebsd.org/changeset/base/279083

Log:
  Fix the logic for skipping parameters (with -s) that have jailsys
  parents (such as host.hostname); these were being skipped all the time.
  That it went this long without anyone noticing is a sign that this feature
  isn't actually used by anyone, but it's there so it might as well work.
  
  MFC after:1 week

Modified:
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Fri Feb 20 20:02:47 2015(r279082)
+++ head/usr.sbin/jls/jls.c Fri Feb 20 20:12:05 2015(r279083)
@@ -78,7 +78,7 @@ static void quoted_print(char *str);
 int
 main(int argc, char **argv)
 {
-   char *dot, *ep, *jname;
+   char *dot, *ep, *jname, *pname;
int c, i, jflags, jid, lastjid, pflags, spc;
 
jname = NULL;
@@ -178,10 +178,11 @@ main(int argc, char **argv)
for (i = 0; i  nparams; i++) {
if ((params[i].jp_flags  JP_USER) 
(dot = strchr(params[i].jp_name, '.'))) {
-   *dot = 0;
-   param_parent[i] = add_param(params[i].jp_name,
+   pname = alloca((dot - params[i].jp_name) + 1);
+   strlcpy(pname, params[i].jp_name,
+   (dot - params[i].jp_name) + 1);
+   param_parent[i] = add_param(pname,
NULL, (size_t)0, NULL, JP_OPT);
-   *dot = '.';
}
}
}
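Review bot: `alloca()` is called inside the `for` loop, so every dotted parameter adds another stack allocation that is released only when main returns, and the `JP_USER` names include those taken from the command line. A heap copy freed per iteration bounds the growth, for example `pname = strndup(params[i].jp_name, dot - params[i].jp_name);` with a NULL check and a `free(pname)` after `add_param()`. That is safe only if add_param copies the name, which this hunk does not show. The length `(dot - params[i].jp_name) + 1` is also computed twice and could be held in a local.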


svn commit: r278480 - head/etc/rc.d

2015-02-09 Thread Jamie Gritton
Author: jamie
Date: Tue Feb 10 00:48:51 2015
New Revision: 278480
URL: https://svnweb.freebsd.org/changeset/base/278480

Log:
  Un-revert the r278323 again - whatever Jenkins/kyua is up to, it has
  nothing to do with this.

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Mon Feb  9 23:13:50 2015(r278479)
+++ head/etc/rc.d/jail  Tue Feb 10 00:48:51 2015(r278480)
@@ -233,8 +233,7 @@ parse_options()
fi
eval : \${jail_${_j}_procfs_enable:=${jail_procfs_enable:-NO}}
if checkyesno jail_${_j}_procfs_enable; then
-   echo   mount +=  \
-   \procfs ${_rootdir%/}/proc procfs rw 0 0\;
+   echo   mount.procfs;
fi
 
eval : \${jail_${_j}_mount_enable:=${jail_mount_enable:-NO}}


svn commit: r278343 - head/etc/rc.d

2015-02-06 Thread Jamie Gritton
Author: jamie
Date: Sat Feb  7 05:02:10 2015
New Revision: 278343
URL: https://svnweb.freebsd.org/changeset/base/278343

Log:
  Revert the rc part of r278323 until I can figure out what Jenkins is doing.

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Sat Feb  7 01:50:32 2015(r278342)
+++ head/etc/rc.d/jail  Sat Feb  7 05:02:10 2015(r278343)
@@ -233,7 +233,8 @@ parse_options()
fi
eval : \${jail_${_j}_procfs_enable:=${jail_procfs_enable:-NO}}
if checkyesno jail_${_j}_procfs_enable; then
-   echo   mount.procfs;
+   echo   mount +=  \
+   \procfs ${_rootdir%/}/proc procfs rw 0 0\;
fi
 
eval : \${jail_${_j}_mount_enable:=${jail_mount_enable:-NO}}


svn commit: r278323 - in head: etc/rc.d usr.sbin/jail

2015-02-06 Thread Jamie Gritton
Author: jamie
Date: Fri Feb  6 17:54:53 2015
New Revision: 278323
URL: https://svnweb.freebsd.org/changeset/base/278323

Log:
  Add mount.procfs jail parameter, so procfs can be mounted when a prison's
  root is in its fstab.
  
  Also fix a typo while I'm at it.
  
  PR:   197237 197066
  MFC after:3 days

Modified:
  head/etc/rc.d/jail
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/config.c
  head/usr.sbin/jail/jail.8
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/jailp.h

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Fri Feb  6 17:43:13 2015(r278322)
+++ head/etc/rc.d/jail  Fri Feb  6 17:54:53 2015(r278323)
@@ -28,7 +28,7 @@ extra_commands=config console status
 
 need_dad_wait=
 
-# extact_var jail name param num defval
+# extract_var jail name param num defval
 #  Extract value from ${jail_$jail_$name} or ${jail_$name} and
 #  set it to $param.  If not defined, $defval is used.
 #  When $num is [0-9]*, ${jail_$jail_$name$num} are looked up and
@@ -233,8 +233,7 @@ parse_options()
fi
eval : \${jail_${_j}_procfs_enable:=${jail_procfs_enable:-NO}}
if checkyesno jail_${_j}_procfs_enable; then
-   echo   mount +=  \
-   \procfs ${_rootdir%/}/proc procfs rw 0 0\;
+   echo   mount.procfs;
fi
 
eval : \${jail_${_j}_mount_enable:=${jail_mount_enable:-NO}}

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cFri Feb  6 17:43:13 2015
(r278322)
+++ head/usr.sbin/jail/command.cFri Feb  6 17:54:53 2015
(r278323)
@@ -112,6 +112,12 @@ next_command(struct cfjail *j)
if (!bool_param(j-intparams[IP_MOUNT_FDESCFS]))
continue;
j-comstring = dummystring;
+   break;
+   case IP_MOUNT_PROCFS:
+   if (!bool_param(j-intparams[IP_MOUNT_PROCFS]))
+   continue;
+   j-comstring = dummystring;
+   break;
case IP__OP:
case IP_STOP_TIMEOUT:
j-comstring = dummystring;
@@ -528,6 +534,32 @@ run_command(struct cfjail *j)
}
break;
 
+   case IP_MOUNT_PROCFS:
+   argv = alloca(7 * sizeof(char *));
+   path = string_param(j-intparams[KP_PATH]);
+   if (path == NULL) {
+   jail_warnx(j, mount.procfs: no path);
+   return -1;
+   }
+   devpath = alloca(strlen(path) + 6);
+   sprintf(devpath, %s/proc, path);
+   if (check_path(j, mount.procfs, devpath, 0,
+   down ? procfs : NULL)  0)
+   return -1;
+   if (down) {
+   argv[0] = /sbin/umount;
+   argv[1] = devpath;
+   argv[2] = NULL;
+   } else {
+   argv[0] = _PATH_MOUNT;
+   argv[1] = -t;
+   argv[2] = procfs;
+   argv[3] = .;
+   argv[4] = devpath;
+   argv[5] = NULL;
+   }
+   break;
+
case IP_COMMAND:
if (j-name != NULL)
goto default_command;
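Review bot: `devpath` is sized with the bare constant in `alloca(strlen(path) + 6)` and then filled with `sprintf()`, so the buffer is correct only while the suffix stays exactly `/proc`. Deriving the size from the literal and bounding the write keeps the two in step: `len = strlen(path) + sizeof("/proc"); devpath = alloca(len); snprintf(devpath, len, "%s/proc", path);`. `argv` is allocated for 7 pointers although at most 6 are used, which is harmless but deserves a matching count or a comment. run_command starts and ends outside this hunk.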

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Fri Feb  6 17:43:13 2015(r278322)
+++ head/usr.sbin/jail/config.c Fri Feb  6 17:54:53 2015(r278323)
@@ -84,6 +84,7 @@ static const struct ipspec intparams[] =
 [IP_MOUNT] =   {mount,   PF_INTERNAL | PF_REV},
 [IP_MOUNT_DEVFS] = {mount.devfs, PF_INTERNAL | PF_BOOL},
 [IP_MOUNT_FDESCFS] =   {mount.fdescfs,   PF_INTERNAL | PF_BOOL},
+[IP_MOUNT_PROCFS] ={mount.procfs,PF_INTERNAL | 
PF_BOOL},
 [IP_MOUNT_FSTAB] = {mount.fstab, PF_INTERNAL},
 [IP_STOP_TIMEOUT] ={stop.timeout,PF_INTERNAL | 
PF_INT},
 [IP_VNET_INTERFACE] =  {vnet.interface,  PF_INTERNAL},

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Fri Feb  6 17:43:13 2015(r278322)
+++ head/usr.sbin/jail/jail.8   Fri Feb  6 17:54:53 2015(r278323)
@@ -25,7 +25,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd January 28, 2015
+.Dd February 6, 2015
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -753,6 +753,12 @@ 

svn commit: r277855 - in head: sys/fs/fdescfs sys/kern sys/sys usr.sbin/jail

2015-01-28 Thread Jamie Gritton
Author: jamie
Date: Wed Jan 28 21:08:09 2015
New Revision: 277855
URL: https://svnweb.freebsd.org/changeset/base/277855

Log:
  Add allow.mount.fdescfs jail flag.
  
  PR:   192951
  Submitted by: ru...@verweg.com
  MFC after:3 days

Modified:
  head/sys/fs/fdescfs/fdesc_vfsops.c
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/fs/fdescfs/fdesc_vfsops.c
==
--- head/sys/fs/fdescfs/fdesc_vfsops.c  Wed Jan 28 21:01:55 2015
(r277854)
+++ head/sys/fs/fdescfs/fdesc_vfsops.c  Wed Jan 28 21:08:09 2015
(r277855)
@@ -42,6 +42,7 @@
 #include sys/systm.h
 #include sys/filedesc.h
 #include sys/kernel.h
+#include sys/jail.h
 #include sys/lock.h
 #include sys/mutex.h
 #include sys/malloc.h
@@ -78,8 +79,12 @@ fdesc_mount(struct mount *mp)
 {
int error = 0;
struct fdescmount *fmp;
+   struct thread *td = curthread;
struct vnode *rvp;
 
+   if (!prison_allow(td-td_ucred, PR_ALLOW_MOUNT_FDESCFS))
+   return (EPERM);
+
/*
 * Update is a no-op
 */
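Review bot: The new `prison_allow(td->td_ucred, PR_ALLOW_MOUNT_FDESCFS)` check runs for every caller, not only jailed ones, so host mounts keep working only if the host's prison carries the new bit. The same commit widens `PR_ALLOW_ALL` to `0x1fff` in jail.h, which presumably covers that, but it is worth confirming. A comment above the check, e.g. `/* Jails need allow.mount.fdescfs to mount fdescfs. */`, would tie it to the `VFCF_JAIL` flag added at the bottom of the file. Because the check sits before the update no-op, an update request from a jail without the permission is refused as well. fdesc_mount continues outside the hunk.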
@@ -237,4 +242,4 @@ static struct vfsops fdesc_vfsops = {
.vfs_unmount =  fdesc_unmount,
 };
 
-VFS_SET(fdesc_vfsops, fdescfs, VFCF_SYNTHETIC);
+VFS_SET(fdesc_vfsops, fdescfs, VFCF_SYNTHETIC | VFCF_JAIL);

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Jan 28 21:01:55 2015(r277854)
+++ head/sys/kern/kern_jail.c   Wed Jan 28 21:08:09 2015(r277855)
@@ -208,6 +208,7 @@ static char *pr_allow_names[] = {
allow.mount.zfs,
allow.mount.procfs,
allow.mount.tmpfs,
+   allow.mount.fdescfs,
 };
 const size_t pr_allow_names_size = sizeof(pr_allow_names);
 
@@ -224,6 +225,7 @@ static char *pr_allow_nonames[] = {
allow.mount.nozfs,
allow.mount.noprocfs,
allow.mount.notmpfs,
+   allow.mount.nofdescfs,
 };
 const size_t pr_allow_nonames_size = sizeof(pr_allow_nonames);
 
@@ -4213,6 +4215,10 @@ SYSCTL_PROC(_security_jail, OID_AUTO, mo
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, I,
 Processes in jail can mount the devfs file system);
+SYSCTL_PROC(_security_jail, OID_AUTO, mount_fdescfs_allowed,
+CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+NULL, PR_ALLOW_MOUNT_FDESCFS, sysctl_jail_default_allow, I,
+Processes in jail can mount the fdescfs file system);
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, I,
@@ -4373,6 +4379,8 @@ SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYP
 B, Jail may mount/unmount jail-friendly file systems in general);
 SYSCTL_JAIL_PARAM(_allow_mount, devfs, CTLTYPE_INT | CTLFLAG_RW,
 B, Jail may mount the devfs file system);
+SYSCTL_JAIL_PARAM(_allow_mount, fdescfs, CTLTYPE_INT | CTLFLAG_RW,
+B, Jail may mount the fdescfs file system);
 SYSCTL_JAIL_PARAM(_allow_mount, nullfs, CTLTYPE_INT | CTLFLAG_RW,
 B, Jail may mount the nullfs file system);
 SYSCTL_JAIL_PARAM(_allow_mount, procfs, CTLTYPE_INT | CTLFLAG_RW,

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Wed Jan 28 21:01:55 2015(r277854)
+++ head/sys/sys/jail.h Wed Jan 28 21:08:09 2015(r277855)
@@ -226,7 +226,8 @@ struct prison_racct {
 #definePR_ALLOW_MOUNT_ZFS  0x0200
 #definePR_ALLOW_MOUNT_PROCFS   0x0400
 #definePR_ALLOW_MOUNT_TMPFS0x0800
-#definePR_ALLOW_ALL0x0fff
+#definePR_ALLOW_MOUNT_FDESCFS  0x1000
+#definePR_ALLOW_ALL0x1fff
 
 /*
  * OSD methods

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Wed Jan 28 21:01:55 2015(r277854)
+++ head/usr.sbin/jail/jail.8   Wed Jan 28 21:08:09 2015(r277855)
@@ -25,7 +25,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd August 4, 2014
+.Dd January 28, 2015
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -362,7 +362,7 @@ A set of IPv6 options for the jail, the 
 and
 .Va ip4
 above.
-.It vnet
+.It Va vnet
 Create the jail with its own virtual network stack,
 with its own network interfaces, addresses, routing table, etc.
 The kernel must have been compiled with the
@@ -531,6 +531,14 @@ is set to a value lower than 2.
 The devfs ruleset should be restricted from the default by using the
 .Va devfs_ruleset
 option.
+.It Va allow.mount.fdescfs
+privileged users inside the jail will be able to mount and unmount the
+fdescfs file system.
+This permission is effective only together with
+.Va allow.mount
+and only when
+.Va enforce_statfs
+is set to a value lower than 2.
 .It Va 

svn commit: r277159 - in head/sys: kern sys

2015-01-13 Thread Jamie Gritton
Author: jamie
Date: Wed Jan 14 04:50:28 2015
New Revision: 277159
URL: https://svnweb.freebsd.org/changeset/base/277159

Log:
  Remove the prison flags PR_IP4_DISABLE and PR_IP6_DISABLE, which have been
  write-only for as long as they've existed.

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Jan 14 03:52:41 2015(r277158)
+++ head/sys/kern/kern_jail.c   Wed Jan 14 04:50:28 2015(r277159)
@@ -187,10 +187,10 @@ struct jailsys_flags {
{ vnet, 0, PR_VNET },
 #endif
 #ifdef INET
-   { ip4, PR_IP4_USER | PR_IP4_DISABLE, PR_IP4_USER },
+   { ip4, PR_IP4_USER, PR_IP4_USER },
 #endif
 #ifdef INET6
-   { ip6, PR_IP6_USER | PR_IP6_DISABLE, PR_IP6_USER },
+   { ip6, PR_IP6_USER, PR_IP6_USER },
 #endif
 };
 const size_t pr_flag_jailsys_size = sizeof(pr_flag_jailsys);
@@ -807,11 +807,9 @@ kern_jail_set(struct thread *td, struct 
error = EINVAL;
goto done_free;
} else {
-   ch_flags |= PR_IP4_USER | PR_IP4_DISABLE;
-   if (ip4s == 0)
-   pr_flags |= PR_IP4_USER | PR_IP4_DISABLE;
-   else {
-   pr_flags = (pr_flags  ~PR_IP4_DISABLE) | PR_IP4_USER;
+   ch_flags |= PR_IP4_USER;
+   pr_flags |= PR_IP4_USER;
+   if (ip4s  0) {
ip4s /= sizeof(*ip4);
if (ip4s  jail_max_af_ips) {
error = EINVAL;
@@ -865,11 +863,9 @@ kern_jail_set(struct thread *td, struct 
error = EINVAL;
goto done_free;
} else {
-   ch_flags |= PR_IP6_USER | PR_IP6_DISABLE;
-   if (ip6s == 0)
-   pr_flags |= PR_IP6_USER | PR_IP6_DISABLE;
-   else {
-   pr_flags = (pr_flags  ~PR_IP6_DISABLE) | PR_IP6_USER;
+   ch_flags |= PR_IP6_USER;
+   pr_flags |= PR_IP6_USER;
+   if (ip6s  0) {
ip6s /= sizeof(*ip6);
if (ip6s  jail_max_af_ips) {
error = EINVAL;
@@ -1249,8 +1245,7 @@ kern_jail_set(struct thread *td, struct 
{
 #ifdef INET
if (!(ch_flags  PR_IP4_USER))
-   pr-pr_flags |=
-   PR_IP4 | PR_IP4_USER | PR_IP4_DISABLE;
+   pr-pr_flags |= PR_IP4 | PR_IP4_USER;
else if (!(pr_flags  PR_IP4_USER)) {
pr-pr_flags |= ppr-pr_flags  PR_IP4;
if (ppr-pr_ip4 != NULL) {
@@ -1265,8 +1260,7 @@ kern_jail_set(struct thread *td, struct 
 #endif
 #ifdef INET6
if (!(ch_flags  PR_IP6_USER))
-   pr-pr_flags |=
-   PR_IP6 | PR_IP6_USER | PR_IP6_DISABLE;
+   pr-pr_flags |= PR_IP6 | PR_IP6_USER;
else if (!(pr_flags  PR_IP6_USER)) {
pr-pr_flags |= ppr-pr_flags  PR_IP6;
if (ppr-pr_ip6 != NULL) {
@@ -2724,7 +2718,6 @@ prison_restrict_ip4(struct prison *pr, s
}
}
if (pr-pr_ip4s == 0) {
-   pr-pr_flags |= PR_IP4_DISABLE;
free(pr-pr_ip4, M_PRISON);
pr-pr_ip4 = NULL;
}
@@ -3065,7 +3058,6 @@ prison_restrict_ip6(struct prison *pr, s
}
}
if (pr-pr_ip6s == 0) {
-   pr-pr_flags |= PR_IP6_DISABLE;
free(pr-pr_ip6, M_PRISON);
pr-pr_ip6 = NULL;
}

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Wed Jan 14 03:52:41 2015(r277158)
+++ head/sys/sys/jail.h Wed Jan 14 04:50:28 2015(r277159)
@@ -201,8 +201,6 @@ struct prison_racct {
 #definePR_IP4_USER 0x0004  /* Restrict IPv4 addresses */
 #definePR_IP6_USER 0x0008  /* Restrict IPv6 addresses */
 #definePR_VNET 0x0010  /* Virtual network stack */
-#definePR_IP4_DISABLE  0x0020  /* Disable IPv4 */
-#definePR_IP6_DISABLE  0x0040  /* Disable IPv6 */
 #definePR_IP4_SADDRSEL 0x0080  /* Do IPv4 src addr sel. or use 
the */
/* primary jail address. */
 #definePR_IP6_SADDRSEL 0x0100  /* Do IPv6 src addr sel. or use 
the */

svn commit: r277158 - head/sys/kern

2015-01-13 Thread Jamie Gritton
Author: jamie
Date: Wed Jan 14 03:52:41 2015
New Revision: 277158
URL: https://svnweb.freebsd.org/changeset/base/277158

Log:
  Don't set prison's pr_ip4s or pr_ip6s to -1.
  
  PR:   196474
  MFC after:3 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Jan 14 02:18:29 2015(r277157)
+++ head/sys/kern/kern_jail.c   Wed Jan 14 03:52:41 2015(r277158)
@@ -800,7 +800,7 @@ kern_jail_set(struct thread *td, struct 
 #ifdef INET
error = vfs_getopt(opts, ip4.addr, op, ip4s);
if (error == ENOENT)
-   ip4s = (pr_flags  PR_IP4_DISABLE) ? 0 : -1;
+   ip4s = 0;
else if (error != 0)
goto done_free;
else if (ip4s  (sizeof(*ip4) - 1)) {
@@ -858,7 +858,7 @@ kern_jail_set(struct thread *td, struct 
 #ifdef INET6
error = vfs_getopt(opts, ip6.addr, op, ip6s);
if (error == ENOENT)
-   ip6s = (pr_flags  PR_IP6_DISABLE) ? 0 : -1;
+   ip6s = 0;
else if (error != 0)
goto done_free;
else if (ip6s  (sizeof(*ip6) - 1)) {


svn commit: r275906 - head/usr.sbin/jail

2014-12-18 Thread Jamie Gritton
Author: jamie
Date: Thu Dec 18 18:10:39 2014
New Revision: 275906
URL: https://svnweb.freebsd.org/changeset/base/275906

Log:
  Setgid before running a command as a specified user.  Previously only
  initgroups(3) was called, which isn't quite enough.  This brings jail(8)
  in line with jexec(8), which was already doing the right thing.
  
  PR:   195984
  MFC after:1 week

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cThu Dec 18 16:57:22 2014
(r275905)
+++ head/usr.sbin/jail/command.cThu Dec 18 18:10:39 2014
(r275906)
@@ -667,6 +667,11 @@ run_command(struct cfjail *j)
if (term != NULL)
setenv(TERM, term, 1);
}
+   if (setgid(pwd-pw_gid)  0) {
+   jail_warnx(j, setgid %d: %s, pwd-pw_gid,
+   strerror(errno));
+   exit(1);
+   }
if (setusercontext(lcap, pwd, pwd-pw_uid, username
? LOGIN_SETALL  ~LOGIN_SETGROUP  ~LOGIN_SETLOGIN
: LOGIN_SETPATH | LOGIN_SETENV)  0) {
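Review bot: The added `setgid(pwd->pw_gid)` is unconditional, while the `setusercontext()` call right below switches on `username` and sets only path and environment when it is NULL. If this block can be reached without a user having been requested, guard the group change the same way, e.g. `if (username != NULL && setgid(pwd->pw_gid) < 0) {`. The message also prints a `gid_t` with `%d`; cast the argument, `(int)pwd->pw_gid`, or use an unsigned conversion so the format matches. Calling it before `setusercontext()` is the right order, since the group has to change while the process still holds the privilege to do so. run_command extends beyond this hunk, so the reachability question has to be checked there.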


svn commit: r275073 - in head: lib/libjail usr.sbin/jail

2014-11-25 Thread Jamie Gritton
Author: jamie
Date: Tue Nov 25 21:01:08 2014
New Revision: 275073
URL: https://svnweb.freebsd.org/changeset/base/275073

Log:
  In preparation for using clang's -Wcast-qual:
  
  Use __DECONST (instead of my own attempted re-invention) for the iov
  parameters to jail_get/set(2).  Similarly remove the deconst-ish hack
  from execvp's argv, except the __DECONST is only added at the very end.
  
  While I'm at it, remove an unused variable and fix a comment typo.

Modified:
  head/lib/libjail/jail.c
  head/lib/libjail/jail_getid.c
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/state.c

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Tue Nov 25 21:00:58 2014(r275072)
+++ head/lib/libjail/jail.c Tue Nov 25 21:01:08 2014(r275073)
@@ -531,7 +531,7 @@ jailparam_set(struct jailparam *jp, unsi
}
i++;
}
-   *(const void **)jiov[i].iov_base = errmsg;
+   jiov[i].iov_base = __DECONST(char *, errmsg);
jiov[i].iov_len = sizeof(errmsg);
i++;
jiov[i].iov_base = jail_errmsg;
@@ -601,7 +601,7 @@ jailparam_get(struct jailparam *jp, unsi
jiov[ki].iov_len = (jp_key-jp_ctltype  CTLTYPE) == CTLTYPE_STRING
? strlen(jp_key-jp_value) + 1 : jp_key-jp_valuelen;
ki++;
-   *(const void **)jiov[ki].iov_base = errmsg;
+   jiov[ki].iov_base = __DECONST(char *, errmsg);
jiov[ki].iov_len = sizeof(errmsg);
ki++;
jiov[ki].iov_base = jail_errmsg;

Modified: head/lib/libjail/jail_getid.c
==
--- head/lib/libjail/jail_getid.c   Tue Nov 25 21:00:58 2014
(r275072)
+++ head/lib/libjail/jail_getid.c   Tue Nov 25 21:01:08 2014
(r275073)
@@ -53,12 +53,12 @@ jail_getid(const char *name)
jid = strtoul(name, ep, 10);
if (*name  !*ep)
return jid;
-   *(const void **)jiov[0].iov_base = name;
+   jiov[0].iov_base = __DECONST(char *, name);
jiov[0].iov_len = sizeof(name);
jiov[1].iov_len = strlen(name) + 1;
jiov[1].iov_base = alloca(jiov[1].iov_len);
strcpy(jiov[1].iov_base, name);
-   *(const void **)jiov[2].iov_base = errmsg;
+   jiov[2].iov_base = __DECONST(char *, errmsg);
jiov[2].iov_len = sizeof(errmsg);
jiov[3].iov_base = jail_errmsg;
jiov[3].iov_len = JAIL_ERRMSGLEN;
@@ -80,15 +80,15 @@ jail_getname(int jid)
char *name;
char namebuf[MAXHOSTNAMELEN];
 
-   *(const void **)jiov[0].iov_base = jid;
+   jiov[0].iov_base = __DECONST(char *, jid);
jiov[0].iov_len = sizeof(jid);
jiov[1].iov_base = jid;
jiov[1].iov_len = sizeof(jid);
-   *(const void **)jiov[2].iov_base = name;
+   jiov[2].iov_base = __DECONST(char *, name);
jiov[2].iov_len = sizeof(name);
jiov[3].iov_base = namebuf;
jiov[3].iov_len = sizeof(namebuf);
-   *(const void **)jiov[4].iov_base = errmsg;
+   jiov[4].iov_base = __DECONST(char *, errmsg);
jiov[4].iov_len = sizeof(errmsg);
jiov[5].iov_base = jail_errmsg;
jiov[5].iov_len = JAIL_ERRMSGLEN;

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cTue Nov 25 21:00:58 2014
(r275072)
+++ head/usr.sbin/jail/command.cTue Nov 25 21:01:08 2014
(r275073)
@@ -260,8 +260,8 @@ run_command(struct cfjail *j)
const struct passwd *pwd;
const struct cfstring *comstring, *s;
login_cap_t *lcap;
-   char **argv;
-   char *cs, *comcs, *devpath;
+   const char **argv;
+   char *acs, *cs, *comcs, *devpath;
const char *jidstr, *conslog, *path, *ruleset, *term, *username;
enum intparam comparam;
size_t comlen;
@@ -332,27 +332,26 @@ run_command(struct cfjail *j)
}
 
argv = alloca((8 + argc) * sizeof(char *));
-   *(const char **)argv[0] = _PATH_IFCONFIG;
+   argv[0] = _PATH_IFCONFIG;
if ((cs = strchr(val, '|'))) {
-   argv[1] = alloca(cs - val + 1);
-   strlcpy(argv[1], val, cs - val + 1);
+   argv[1] = acs = alloca(cs - val + 1);
+   strlcpy(acs, val, cs - val + 1);
addr = cs + 1;
} else {
-   *(const char **)argv[1] =
-   string_param(j-intparams[IP_INTERFACE]);
+   argv[1] = string_param(j-intparams[IP_INTERFACE]);
addr = val;
}
-   *(const char **)argv[2] = inet;
+   argv[2] = inet;
if (!(cs = strchr(addr, '/'))) {
argv[3] = addr;
-   

svn commit: r261326 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail

2014-01-31 Thread Jamie Gritton
Author: jamie
Date: Fri Jan 31 17:39:51 2014
New Revision: 261326
URL: http://svnweb.freebsd.org/changeset/base/261326

Log:
  Back out r261266 pending security buy-in.
  
r261266:
Add a jail parameter, allow.kmem, which lets jailed processes access
/dev/kmem and related devices (i.e. grants PRIV_IO and PRIV_KMEM_WRITE).
This in conjunction with changing the drm driver's permission check from
PRIV_DRIVER to PRIV_KMEM_WRITE will allow a jailed Xorg server.

Modified:
  head/sys/dev/drm/drmP.h
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/dev/drm/drmP.h
==
--- head/sys/dev/drm/drmP.h Fri Jan 31 17:26:15 2014(r261325)
+++ head/sys/dev/drm/drmP.h Fri Jan 31 17:39:51 2014(r261326)
@@ -227,9 +227,7 @@ enum {
 
 #define PAGE_ALIGN(addr) round_page(addr)
 /* DRM_SUSER returns true if the user is superuser */
-#if __FreeBSD_version = 100
-#define DRM_SUSER(p)   (priv_check(p, PRIV_KMEM_WRITE) == 0)
-#elif __FreeBSD_version = 70
+#if __FreeBSD_version = 70
 #define DRM_SUSER(p)   (priv_check(p, PRIV_DRIVER) == 0)
 #else
 #define DRM_SUSER(p)   (suser(p) == 0)

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Fri Jan 31 17:26:15 2014(r261325)
+++ head/sys/kern/kern_jail.c   Fri Jan 31 17:39:51 2014(r261326)
@@ -208,7 +208,6 @@ static char *pr_allow_names[] = {
allow.mount.zfs,
allow.mount.procfs,
allow.mount.tmpfs,
-   allow.kmem,
 };
 const size_t pr_allow_names_size = sizeof(pr_allow_names);
 
@@ -225,7 +224,6 @@ static char *pr_allow_nonames[] = {
allow.mount.nozfs,
allow.mount.noprocfs,
allow.mount.notmpfs,
-   allow.nokmem,
 };
 const size_t pr_allow_nonames_size = sizeof(pr_allow_nonames);
 
@@ -3953,27 +3951,6 @@ prison_priv_check(struct ucred *cred, in
return (0);
 
/*
-* Allow access to /dev/io in a jail if the non-jailed admin
-* requests this and if /dev/io exists in the jail. This
-* allows Xorg to probe a card.
-*/
-   case PRIV_IO:
-   if (cred-cr_prison-pr_allow  PR_ALLOW_KMEM)
-   return (0);
-   else
-   return (EPERM);
-
-   /*
-* Allow low level access to KMEM-like devices (e.g. to
-* allow Xorg to use DRI).
-*/
-   case PRIV_KMEM_WRITE:
-   if (cred-cr_prison-pr_allow  PR_ALLOW_KMEM)
-   return (0);
-   else
-   return (EPERM);
-
-   /*
 * Allow jailed root to set loginclass.
 */
case PRIV_PROC_SETLOGINCLASS:
@@ -4407,8 +4384,6 @@ SYSCTL_JAIL_PARAM(_allow, quotas, CTLTYP
 B, Jail may set file quotas);
 SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW,
 B, Jail may create sockets other than just UNIX/IPv4/IPv6/route);
-SYSCTL_JAIL_PARAM(_allow, kmem, CTLTYPE_INT | CTLFLAG_RW,
-B, Jail may access kmem-like devices (io, dri) if they exist);
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, Jail mount/unmount permission flags);
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Fri Jan 31 17:26:15 2014(r261325)
+++ head/sys/sys/jail.h Fri Jan 31 17:39:51 2014(r261326)
@@ -228,8 +228,7 @@ struct prison_racct {
 #definePR_ALLOW_MOUNT_ZFS  0x0200
 #definePR_ALLOW_MOUNT_PROCFS   0x0400
 #definePR_ALLOW_MOUNT_TMPFS0x0800
-#definePR_ALLOW_KMEM   0x1000
-#definePR_ALLOW_ALL0x1fff
+#definePR_ALLOW_ALL0x0fff
 
 /*
  * OSD methods

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Fri Jan 31 17:26:15 2014(r261325)
+++ head/usr.sbin/jail/jail.8   Fri Jan 31 17:39:51 2014(r261326)
@@ -573,17 +573,6 @@ with non-jailed parts of the system.
 Sockets within a jail are normally restricted to IPv4, IPv6, local
 (UNIX), and route.  This allows access to other protocol stacks that
 have not had jail functionality added to them.
-.It Va allow.kmem
-Jailed processes may access
-.Pa /dev/kmem
-and similar devices (e.g. io, dri) if they have sufficient permission
-(via the usual file permissions).
-Note that the device files must exist within the jail for this parameter
-to be of any use;
-the default devfs ruleset for jails does not include any such devices.
-Giving a jail access to kernel memory 

svn commit: r261266 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail

2014-01-29 Thread Jamie Gritton
Author: jamie
Date: Wed Jan 29 13:41:13 2014
New Revision: 261266
URL: http://svnweb.freebsd.org/changeset/base/261266

Log:
  Add a jail parameter, allow.kmem, which lets jailed processes access
  /dev/kmem and related devices (i.e. grants PRIV_IO and PRIV_KMEM_WRITE).
  This in conjunction with changing the drm driver's permission check from
  PRIV_DRIVER to PRIV_KMEM_WRITE will allow a jailed Xorg server.
  
  Submitted by: netchild
  MFC after:1 week

Modified:
  head/sys/dev/drm/drmP.h
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/dev/drm/drmP.h
==
--- head/sys/dev/drm/drmP.h Wed Jan 29 13:35:12 2014(r261265)
+++ head/sys/dev/drm/drmP.h Wed Jan 29 13:41:13 2014(r261266)
@@ -227,7 +227,9 @@ enum {
 
 #define PAGE_ALIGN(addr) round_page(addr)
 /* DRM_SUSER returns true if the user is superuser */
-#if __FreeBSD_version = 70
+#if __FreeBSD_version = 100
+#define DRM_SUSER(p)   (priv_check(p, PRIV_KMEM_WRITE) == 0)
+#elif __FreeBSD_version = 70
 #define DRM_SUSER(p)   (priv_check(p, PRIV_DRIVER) == 0)
 #else
 #define DRM_SUSER(p)   (suser(p) == 0)
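Review bot: `DRM_SUSER` now tests `PRIV_KMEM_WRITE` instead of `PRIV_DRIVER` on the newest version branch, and that applies to every caller of the macro, jailed or not. The comment above it still says it "returns true if the user is superuser". Update the comment to name the privilege actually checked, e.g. `/* DRM_SUSER: true if the caller holds PRIV_KMEM_WRITE (PRIV_DRIVER on older releases) */`, and confirm that no DRM path relied on the narrower driver privilege.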

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Jan 29 13:35:12 2014(r261265)
+++ head/sys/kern/kern_jail.c   Wed Jan 29 13:41:13 2014(r261266)
@@ -208,6 +208,7 @@ static char *pr_allow_names[] = {
allow.mount.zfs,
allow.mount.procfs,
allow.mount.tmpfs,
+   allow.kmem,
 };
 const size_t pr_allow_names_size = sizeof(pr_allow_names);
 
@@ -224,6 +225,7 @@ static char *pr_allow_nonames[] = {
allow.mount.nozfs,
allow.mount.noprocfs,
allow.mount.notmpfs,
+   allow.nokmem,
 };
 const size_t pr_allow_nonames_size = sizeof(pr_allow_nonames);
 
@@ -3951,6 +3953,27 @@ prison_priv_check(struct ucred *cred, in
return (0);
 
/*
+* Allow access to /dev/io in a jail if the non-jailed admin
+* requests this and if /dev/io exists in the jail. This
+* allows Xorg to probe a card.
+*/
+   case PRIV_IO:
+   if (cred-cr_prison-pr_allow  PR_ALLOW_KMEM)
+   return (0);
+   else
+   return (EPERM);
+
+   /*
+* Allow low level access to KMEM-like devices (e.g. to
+* allow Xorg to use DRI).
+*/
+   case PRIV_KMEM_WRITE:
+   if (cred-cr_prison-pr_allow  PR_ALLOW_KMEM)
+   return (0);
+   else
+   return (EPERM);
+
+   /*
 * Allow jailed root to set loginclass.
 */
case PRIV_PROC_SETLOGINCLASS:
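Review bot: The comment over `case PRIV_IO:` says access is allowed "if /dev/io exists in the jail", but the code tests only `PR_ALLOW_KMEM`; whether the device node is present is decided elsewhere, not by this check. Since one flag grants both `PRIV_IO` and `PRIV_KMEM_WRITE`, I would say so in a single comment and spell out the consequence, e.g. `/* allow.kmem grants raw I/O and kernel-memory write privilege; such a jail is constrained only by which device nodes it can see and their file permissions. */`. The two case bodies are identical and could share one by stacking `case PRIV_IO:` and `case PRIV_KMEM_WRITE:`. prison_priv_check starts and ends outside this hunk.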
@@ -4384,6 +4407,8 @@ SYSCTL_JAIL_PARAM(_allow, quotas, CTLTYP
 B, Jail may set file quotas);
 SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW,
 B, Jail may create sockets other than just UNIX/IPv4/IPv6/route);
+SYSCTL_JAIL_PARAM(_allow, kmem, CTLTYPE_INT | CTLFLAG_RW,
+B, Jail may access kmem-like devices (io, dri) if they exist);
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, Jail mount/unmount permission flags);
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Wed Jan 29 13:35:12 2014(r261265)
+++ head/sys/sys/jail.h Wed Jan 29 13:41:13 2014(r261266)
@@ -228,7 +228,8 @@ struct prison_racct {
 #definePR_ALLOW_MOUNT_ZFS  0x0200
 #definePR_ALLOW_MOUNT_PROCFS   0x0400
 #definePR_ALLOW_MOUNT_TMPFS0x0800
-#definePR_ALLOW_ALL0x0fff
+#definePR_ALLOW_KMEM   0x1000
+#definePR_ALLOW_ALL0x1fff
 
 /*
  * OSD methods

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Wed Jan 29 13:35:12 2014(r261265)
+++ head/usr.sbin/jail/jail.8   Wed Jan 29 13:41:13 2014(r261266)
@@ -573,6 +573,17 @@ with non-jailed parts of the system.
 Sockets within a jail are normally restricted to IPv4, IPv6, local
 (UNIX), and route.  This allows access to other protocol stacks that
 have not had jail functionality added to them.
+.It Va allow.kmem
+Jailed processes may access
+.Pa /dev/kmem
+and similar devices (e.g. io, dri) if they have sufficient permission
+(via the usual file permissions).
+Note that the device files must exist within the jail for this parameter
+to be of any use;
+the default devfs ruleset for jails does not include any such devices.
+Giving a jail access to kernel memory obviates much of 

Re: svn commit: r255316 - head/sys/kern

2013-09-06 Thread Jamie Gritton
On 09/06/13 12:18, Gleb Smirnoff wrote:
 On Fri, Sep 06, 2013 at 05:32:29PM +, Jamie Gritton wrote:
 J Author: jamie
 J Date: Fri Sep  6 17:32:29 2013
 J New Revision: 255316
 J URL: http://svnweb.freebsd.org/changeset/base/255316
 J 
 J Log:
 J   Keep PRIV_KMEM_READ permitted inside jails as it is on the outside.
 J 
 J Modified:
 J   head/sys/kern/kern_jail.c
 J 
 J Modified: head/sys/kern/kern_jail.c
 J 
 ==
 J --- head/sys/kern/kern_jail.c  Fri Sep  6 17:19:57 2013
 (r255315)
 J +++ head/sys/kern/kern_jail.c  Fri Sep  6 17:32:29 2013
 (r255316)
 J @@ -3885,6 +3885,13 @@ prison_priv_check(struct ucred *cred, in
 Jcase PRIV_VFS_SETGID:
 Jcase PRIV_VFS_STAT:
 Jcase PRIV_VFS_STICKYFILE:
 J +
 J +  /*
 J +   * As in the non-jail case, non-root users are expected to be
 J +   * able to read kernel/phyiscal memory (provided /dev/[k]mem
 J +   * exists in the jail and they have permission to access it).
 J +   */
 J +  case PRIV_KMEM_READ:
 Jreturn (0);
 J  
 J/*
 
 Was that discussed anywhere or reviewed by anyone?

Yes, it was brought up by jase@ in src-committers last week, noting that
my original PRIV_KMEM_* commit (r252841) broke existing jail behavior.
The entire discussion was the mention of the problem and my mention of
what it would take to fix it. There was no code review as such, but that
seemed appropriate for an obvious one-liner.

- Jamie


Re: svn commit: r252841 - in head/sys: dev/mem kern sys

2013-08-30 Thread Jamie Gritton
On 08/30/13 11:13, Jase Thew wrote:
 On 05/07/2013 22:31, Jamie Gritton wrote:
 Author: jamie
 Date: Fri Jul  5 21:31:16 2013
 New Revision: 252841
 URL: http://svnweb.freebsd.org/changeset/base/252841

 Log:
Add new privileges, PRIV_KMEM_READ and PRIV_KMEM_WRITE, used in
 opening
/dev/kmem and /dev/mem (in addition to traditional file permission
 checks).
PRIV_KMEM_READ is different from other PRIV_* checks in that it's
 allowed
by default.

Reviewed by:kib, mckusick

 
 Hi Jamie,
 
 As a result of this commit (and r252845), it is no longer possible to
 access /dev/mem and /dev/kmem inside of a jail - is this behaviour
 intentional?
 
 # dd if=/dev/mem bs=64 count=1
 dd: /dev/mem: Operation not permitted

It's intentional, but it's not intended to be the full solution. I also
need to add a permission flag to jails to allow kmem access. However I
didn't intend to disrupt read permission, though clearly it does since
it now passes through prison_priv_check. So I ought to add some code in
prison_priv_check that mirrors the code in priv_check_cred to allow
PRIV_KMEM_READ by default.

- Jamie


svn commit: r252841 - in head/sys: dev/mem kern sys

2013-07-05 Thread Jamie Gritton
Author: jamie
Date: Fri Jul  5 21:31:16 2013
New Revision: 252841
URL: http://svnweb.freebsd.org/changeset/base/252841

Log:
  Add new privileges, PRIV_KMEM_READ and PRIV_KMEM_WRITE, used in opening
  /dev/kmem and /dev/mem (in addition to traditional file permission checks).
  PRIV_KMEM_READ is different from other PRIV_* checks in that it's allowed
  by default.
  
  Reviewed by:  kib, mckusick

Modified:
  head/sys/dev/mem/memdev.c
  head/sys/kern/kern_priv.c
  head/sys/sys/priv.h

Modified: head/sys/dev/mem/memdev.c
==
--- head/sys/dev/mem/memdev.c   Fri Jul  5 21:29:59 2013(r252840)
+++ head/sys/dev/mem/memdev.c   Fri Jul  5 21:31:16 2013(r252841)
@@ -37,6 +37,7 @@ __FBSDID($FreeBSD$);
 #include sys/memrange.h
 #include sys/module.h
 #include sys/mutex.h
+#include sys/priv.h
 #include sys/proc.h
 #include sys/signalvar.h
 #include sys/systm.h
@@ -67,8 +68,14 @@ memopen(struct cdev *dev __unused, int f
 {
int error = 0;
 
-   if (flags  FWRITE)
-   error = securelevel_gt(td-td_ucred, 0);
+   if (flags  FREAD)
+   error = priv_check(td, PRIV_KMEM_READ);
+   if (flags  FWRITE) {
+   if (error == 0)
+   error = priv_check(td, PRIV_KMEM_WRITE);
+   if (error == 0)
+   error = securelevel_gt(td-td_ucred, 0);
+   }
 
return (error);
 }
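Review bot: memopen now carries the privilege decision for the memory devices, but nothing in the function says that the checks run at open time only. A short comment above the new block would help, for example `/* Privilege and securelevel are evaluated here, at open; this function is not consulted again for later I/O on the descriptor. */`. Whether the read and write handlers perform their own checks is not visible in this hunk, so confirm that before settling the wording. The function's signature sits in the hunk header, above the first line shown.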

Modified: head/sys/kern/kern_priv.c
==
--- head/sys/kern/kern_priv.c   Fri Jul  5 21:29:59 2013(r252840)
+++ head/sys/kern/kern_priv.c   Fri Jul  5 21:31:16 2013(r252841)
@@ -142,6 +142,15 @@ priv_check_cred(struct ucred *cred, int 
}
 
/*
+* Writes to kernel memory are a typical root-only operation,
+* but non-root users are expected to be able to read it.
+*/
+   if (priv == PRIV_KMEM_READ) {
+   error = 0;
+   goto out;
+   }
+
+   /*
 * Now check with MAC, if enabled, to see if a policy module grants
 * privilege.
 */

Modified: head/sys/sys/priv.h
==
--- head/sys/sys/priv.h Fri Jul  5 21:29:59 2013(r252840)
+++ head/sys/sys/priv.h Fri Jul  5 21:31:16 2013(r252841)
@@ -494,6 +494,12 @@
 #definePRIV_RCTL_REMOVE_RULE   674
 
 /*
+ * Kernel memory privileges.
+ */
+#definePRIV_KMEM_READ  680 /* Read from kernel memory. */
+#definePRIV_KMEM_WRITE 681 /* Write to kernel memory. */
+
+/*
  * Track end of privilege list.
  */
 #define_PRIV_HIGHEST   675
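Review bot: The new values 680 and 681 are above `_PRIV_HIGHEST`, which the context line at the end of this hunk still shows as 675. If that define is used as the upper bound when validating a privilege number, as its "Track end of privilege list" comment suggests, both new privileges fall outside the valid range. The define needs to move past 681 in the same change; r252845 further down this page bumps it to 682.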


svn commit: r252845 - head/sys/sys

2013-07-05 Thread Jamie Gritton
Author: jamie
Date: Fri Jul  5 21:41:05 2013
New Revision: 252845
URL: http://svnweb.freebsd.org/changeset/base/252845

Log:
  Bump up _PRIV_HIGHEST to account for PRIV_KMEM_READ/WRITE.
  
  Submitted by: mdf

Modified:
  head/sys/sys/priv.h

Modified: head/sys/sys/priv.h
==
--- head/sys/sys/priv.h Fri Jul  5 21:40:31 2013(r252844)
+++ head/sys/sys/priv.h Fri Jul  5 21:41:05 2013(r252845)
@@ -502,7 +502,7 @@
 /*
  * Track end of privilege list.
  */
-#define_PRIV_HIGHEST   675
+#define_PRIV_HIGHEST   682
 
 /*
  * Validate that a named privilege is known by the privilege system.  Invalid


svn commit: r252855 - in head/sys: kern sys

2013-07-05 Thread Jamie Gritton
Author: jamie
Date: Sat Jul  6 00:10:52 2013
New Revision: 252855
URL: http://svnweb.freebsd.org/changeset/base/252855

Log:
  Make the comments a little more clear about PRIV_KMEM_*, explicitly
  referring to /dev/[k]mem and noting it's about opening the files rather
  than actually reading and writing.
  
  Reviewed by:  jmallett

Modified:
  head/sys/kern/kern_priv.c
  head/sys/sys/priv.h

Modified: head/sys/kern/kern_priv.c
==
--- head/sys/kern/kern_priv.c   Fri Jul  5 23:40:08 2013(r252854)
+++ head/sys/kern/kern_priv.c   Sat Jul  6 00:10:52 2013(r252855)
@@ -142,8 +142,9 @@ priv_check_cred(struct ucred *cred, int 
}
 
/*
-* Writes to kernel memory are a typical root-only operation,
-* but non-root users are expected to be able to read it.
+* Writes to kernel/physical memory are a typical root-only operation,
+* but non-root users are expected to be able to read it (provided they
+* have permission to access /dev/[k]mem).
 */
if (priv == PRIV_KMEM_READ) {
error = 0;

Modified: head/sys/sys/priv.h
==
--- head/sys/sys/priv.h Fri Jul  5 23:40:08 2013(r252854)
+++ head/sys/sys/priv.h Sat Jul  6 00:10:52 2013(r252855)
@@ -494,10 +494,10 @@
 #definePRIV_RCTL_REMOVE_RULE   674
 
 /*
- * Kernel memory privileges.
+ * mem(4) privileges.
  */
-#definePRIV_KMEM_READ  680 /* Read from kernel memory. */
-#definePRIV_KMEM_WRITE 681 /* Write to kernel memory. */
+#definePRIV_KMEM_READ  680 /* Open mem/kmem for reading. */
+#definePRIV_KMEM_WRITE 681 /* Open mem/kmem for writing. */
 
 /*
  * Track end of privilege list.


svn commit: r250968 - head/share/man/man8

2013-05-24 Thread Jamie Gritton
Author: jamie
Date: Fri May 24 14:57:38 2013
New Revision: 250968
URL: http://svnweb.freebsd.org/changeset/base/250968

Log:
  Mention the nojailvnet keyword.
  
  MFC after:3 days

Modified:
  head/share/man/man8/rc.8

Modified: head/share/man/man8/rc.8
==
--- head/share/man/man8/rc.8Fri May 24 11:27:06 2013(r250967)
+++ head/share/man/man8/rc.8Fri May 24 14:57:38 2013(r250968)
@@ -124,7 +124,9 @@ Load the configuration files.
 Determine if booting in a jail,
 and add
 .Dq Li nojail
-to the list of KEYWORDS to skip in
+(no jails allowed) or
+.Dq Li nojailvnet
+(only allow vnet-enabled jails) to the list of KEYWORDS to skip in
 .Xr rcorder 8 .
 .It
 Invoke


svn commit: r250804 - in head: etc etc/rc.d sys/kern

2013-05-18 Thread Jamie Gritton
Author: jamie
Date: Sun May 19 04:10:34 2013
New Revision: 250804
URL: http://svnweb.freebsd.org/changeset/base/250804

Log:
  Refine the nojail rc keyword, adding nojailvnet for files that don't
  apply to most jails but do apply to vnet jails.  This includes adding
  a new sysctl security.jail.vnet to identify vnet jails.
  
  PR:   conf/149050
  Submitted by: mdodd
  MFC after:3 days

Modified:
  head/etc/rc
  head/etc/rc.d/ipfw
  head/etc/rc.d/netif
  head/etc/rc.d/routing
  head/etc/rc.shutdown
  head/sys/kern/kern_jail.c

Modified: head/etc/rc
==
--- head/etc/rc Sun May 19 03:04:34 2013(r250803)
+++ head/etc/rc Sun May 19 04:10:34 2013(r250804)
@@ -77,6 +77,9 @@ if [ `/sbin/sysctl -n security.jail.jail
if [ $early_late_divider = FILESYSTEMS ]; then
early_late_divider=NETWORKING
fi
+   if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then
+   skip=$skip -s nojailvnet
+   fi
 fi
 
 # Do a first pass to get everything up to $early_late_divider so that

Modified: head/etc/rc.d/ipfw
==
--- head/etc/rc.d/ipfw  Sun May 19 03:04:34 2013(r250803)
+++ head/etc/rc.d/ipfw  Sun May 19 04:10:34 2013(r250804)
@@ -5,7 +5,7 @@
 
 # PROVIDE: ipfw
 # REQUIRE: ppp
-# KEYWORD: nojail
+# KEYWORD: nojailvnet
 
 . /etc/rc.subr
 . /etc/network.subr

Modified: head/etc/rc.d/netif
==
--- head/etc/rc.d/netif Sun May 19 03:04:34 2013(r250803)
+++ head/etc/rc.d/netif Sun May 19 04:10:34 2013(r250804)
@@ -28,7 +28,7 @@
 # PROVIDE: netif
 # REQUIRE: atm1 FILESYSTEMS serial sppp sysctl
 # REQUIRE: ipfilter ipfs
-# KEYWORD: nojail
+# KEYWORD: nojailvnet
 
 . /etc/rc.subr
 . /etc/network.subr

Modified: head/etc/rc.d/routing
==
--- head/etc/rc.d/routing   Sun May 19 03:04:34 2013(r250803)
+++ head/etc/rc.d/routing   Sun May 19 04:10:34 2013(r250804)
@@ -7,7 +7,7 @@
 
 # PROVIDE: routing
 # REQUIRE: faith netif ppp stf
-# KEYWORD: nojail
+# KEYWORD: nojailvnet
 
 . /etc/rc.subr
 . /etc/network.subr

Modified: head/etc/rc.shutdown
==
--- head/etc/rc.shutdownSun May 19 03:04:34 2013(r250803)
+++ head/etc/rc.shutdownSun May 19 04:10:34 2013(r250804)
@@ -81,7 +81,12 @@ fi
 # and perform the operation
 #
 rcorder_opts=-k shutdown
-[ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]  
rcorder_opts=$rcorder_opts -s nojail
+if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then
+   rcorder_opts=$rcorder_opts -s nojail
+   if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then
+   rcorder_opts=$rcorder_opts -s nojailvnet
+   fi
+fi
 
 case ${local_startup} in
 [Nn][Oo] | '') ;;

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Sun May 19 03:04:34 2013(r250803)
+++ head/sys/kern/kern_jail.c   Sun May 19 04:10:34 2013(r250804)
@@ -4132,6 +4132,26 @@ SYSCTL_PROC(_security_jail, OID_AUTO, ja
 CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
 sysctl_jail_jailed, I, Process in jail?);
 
+static int
+sysctl_jail_vnet(SYSCTL_HANDLER_ARGS)
+{
+   int error, havevnet;
+#ifdef VIMAGE
+   struct ucred *cred = req-td-td_ucred;
+
+   havevnet = jailed(cred)  prison_owns_vnet(cred);
+#else
+   havevnet = 0;
+#endif
+   error = SYSCTL_OUT(req, havevnet, sizeof(havevnet));
+
+   return (error);
+}
+
+SYSCTL_PROC(_security_jail, OID_AUTO, vnet,
+CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
+sysctl_jail_vnet, I, Jail owns VNET?);
+
 #if defined(INET) || defined(INET6)
 SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW,
 jail_max_af_ips, 0,
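Review bot: sysctl_jail_vnet has no header comment, yet the rc scripts changed in this same commit use its value to decide whether `nojailvnet` scripts are skipped. I would add something like `/* Report 1 if the calling process is jailed and its prison owns a vnet, 0 otherwise (always 0 when built without VIMAGE). */` above the function. The description string `Jail owns VNET?` does not convey that an unjailed caller also reads 0, so the comment is the place to say it.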


svn commit: r248854 - head/usr.sbin/jail

2013-03-28 Thread Jamie Gritton
Author: jamie
Date: Thu Mar 28 21:02:49 2013
New Revision: 248854
URL: http://svnweb.freebsd.org/changeset/base/248854

Log:
  Reverse the order of some implicit commands (FS mounts and ifconfigs)
  when stopping jails.  This matters particularly for nested filesystem
  mounts.
  
  PR:   kern/177325
  Submitted by: Harald Schmalzbauer
  MFC after:3 days

Modified:
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/config.c
  head/usr.sbin/jail/jailp.h

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cThu Mar 28 20:48:58 2013
(r248853)
+++ head/usr.sbin/jail/command.cThu Mar 28 21:02:49 2013
(r248854)
@@ -88,13 +88,14 @@ int
 next_command(struct cfjail *j)
 {
enum intparam comparam;
-   int create_failed;
+   int create_failed, stopping;
 
if (paralimit == 0) {
requeue(j, runnable);
return 1;
}
create_failed = (j-flags  (JF_STOP | JF_FAILED)) == JF_FAILED;
+   stopping = (j-flags  JF_STOP) != 0;
comparam = *j-comparam;
for (;;) {
if (j-comstring == NULL) {
@@ -113,14 +114,16 @@ next_command(struct cfjail *j)
default:
if (j-intparams[comparam] == NULL)
continue;
-   j-comstring = create_failed
+   j-comstring = create_failed || (stopping 
+   (j-intparams[comparam]-flags  PF_REV))
? TAILQ_LAST(j-intparams[comparam]-val,
cfstrings)
: TAILQ_FIRST(j-intparams[comparam]-val);
}
} else {
j-comstring = j-comstring == dummystring ? NULL :
-   create_failed
+   create_failed || (stopping 
+   (j-intparams[comparam]-flags  PF_REV))
? TAILQ_PREV(j-comstring, cfstrings, tq)
: TAILQ_NEXT(j-comstring, tq);
}
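Review bot: The reverse-order test is now spelled out twice in this hunk, once when picking the first string and once when stepping to the next, and the two copies can drift apart. Naming it once after the NULL test would avoid that, e.g. `rev = create_failed || (stopping && (j->intparams[comparam]->flags & PF_REV));`. The second site dereferences `j->intparams[comparam]` without the NULL check that the `default:` branch has. It is only reached when `j->comstring` is neither NULL nor `dummystring`, which looks safe, but a one-line comment saying so would help. next_command starts above this hunk and continues below it.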

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Mar 28 20:48:58 2013(r248853)
+++ head/usr.sbin/jail/config.c Thu Mar 28 21:02:49 2013(r248854)
@@ -81,18 +81,18 @@ static const struct ipspec intparams[] =
 [IP_INTERFACE] =   {interface,   PF_INTERNAL},
 [IP_IP_HOSTNAME] = {ip_hostname, PF_INTERNAL | PF_BOOL},
 #endif
-[IP_MOUNT] =   {mount,   PF_INTERNAL},
+[IP_MOUNT] =   {mount,   PF_INTERNAL | PF_REV},
 [IP_MOUNT_DEVFS] = {mount.devfs, PF_INTERNAL | PF_BOOL},
 [IP_MOUNT_FSTAB] = {mount.fstab, PF_INTERNAL},
 [IP_STOP_TIMEOUT] ={stop.timeout,PF_INTERNAL | 
PF_INT},
 [IP_VNET_INTERFACE] =  {vnet.interface,  PF_INTERNAL},
 #ifdef INET
-[IP__IP4_IFADDR] = {ip4.addr,PF_INTERNAL | PF_CONV},
+[IP__IP4_IFADDR] = {ip4.addr,PF_INTERNAL | PF_CONV | PF_REV},
 #endif
 #ifdef INET6
-[IP__IP6_IFADDR] = {ip6.addr,PF_INTERNAL | PF_CONV},
+[IP__IP6_IFADDR] = {ip6.addr,PF_INTERNAL | PF_CONV | PF_REV},
 #endif
-[IP__MOUNT_FROM_FSTAB] =   {mount.fstab, PF_INTERNAL | PF_CONV},
+[IP__MOUNT_FROM_FSTAB] =   {mount.fstab, PF_INTERNAL | PF_CONV | PF_REV},
 [IP__OP] = {NULL,  PF_CONV},
 [KP_ALLOW_CHFLAGS] =   {allow.chflags,   0},
 [KP_ALLOW_MOUNT] = {allow.mount, 0},

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Thu Mar 28 20:48:58 2013(r248853)
+++ head/usr.sbin/jail/jailp.h  Thu Mar 28 21:02:49 2013(r248854)
@@ -50,6 +50,7 @@
 #define PF_BOOL0x10/* Boolean parameter */
 #define PF_INT 0x20/* Integer parameter */
 #define PF_CONV0x40/* Parameter duplicated in converted 
form */
+#define PF_REV 0x80/* Run commands in reverse order on stopping */
 
 #define JF_START   0x0001  /* -c */
 #define JF_SET 0x0002  /* -m */


svn commit: r247071 - head/sys/kern

2013-02-20 Thread Jamie Gritton
Author: jamie
Date: Thu Feb 21 02:41:37 2013
New Revision: 247071
URL: http://svnweb.freebsd.org/changeset/base/247071

Log:
  Don't worry if a module is already loaded when looking for a fstype to mount
  (possible in a race condition).
  
  Reviewed by:  kib
  MFC after:1 week

Modified:
  head/sys/kern/vfs_init.c

Modified: head/sys/kern/vfs_init.c
==
--- head/sys/kern/vfs_init.cThu Feb 21 02:40:20 2013(r247070)
+++ head/sys/kern/vfs_init.cThu Feb 21 02:41:37 2013(r247071)
@@ -122,7 +122,7 @@ struct vfsconf *
 vfs_byname_kld(const char *fstype, struct thread *td, int *error)
 {
struct vfsconf *vfsp;
-   int fileid;
+   int fileid, loaded;
 
vfsp = vfs_byname(fstype);
if (vfsp != NULL)
@@ -130,13 +130,17 @@ vfs_byname_kld(const char *fstype, struc
 
/* Try to load the respective module. */
*error = kern_kldload(td, fstype, fileid);
+   loaded = (*error == 0);
+   if (*error == EEXIST)
+   *error = 0;
if (*error)
return (NULL);
 
/* Look up again to see if the VFS was loaded. */
vfsp = vfs_byname(fstype);
if (vfsp == NULL) {
-   (void)kern_kldunload(td, fileid, LINKER_UNLOAD_FORCE);
+   if (loaded)
+   (void)kern_kldunload(td, fileid, LINKER_UNLOAD_FORCE);
*error = ENODEV;
return (NULL);
}
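Review bot: The `EEXIST` special case has no comment, and without the commit log it is not obvious why a failed load is turned into success. I would add above `loaded = (*error == 0);` something like `/* EEXIST: the module was loaded by someone else after the vfs_byname() above; only unload below if this call did the load. */`. The `if (loaded)` guard also appears to be what keeps `kern_kldunload` from being passed a `fileid` that was never filled in, which is worth stating in the same comment. vfs_byname_kld continues below the hunk.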


svn commit: r246804 - head/usr.sbin/jail

2013-02-14 Thread Jamie Gritton
Author: jamie
Date: Thu Feb 14 19:27:52 2013
New Revision: 246804
URL: http://svnweb.freebsd.org/changeset/base/246804

Log:
  Handle (ignore) when a process disappears before it can be tracked.

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cThu Feb 14 19:26:58 2013
(r246803)
+++ head/usr.sbin/jail/command.cThu Feb 14 19:27:52 2013
(r246804)
@@ -66,7 +66,7 @@ int paralimit = -1;
 extern char **environ;
 
 static int run_command(struct cfjail *j);
-static void add_proc(struct cfjail *j, pid_t pid);
+static int add_proc(struct cfjail *j, pid_t pid);
 static void clear_procs(struct cfjail *j);
 static struct cfjail *find_proc(pid_t pid);
 static int term_procs(struct cfjail *j);
@@ -542,13 +542,12 @@ run_command(struct cfjail *j)
if (pid  0)
err(1, fork);
if (pid  0) {
-   if (bg) {
+   if (bg || !add_proc(j, pid)) {
free(j-comline);
j-comline = NULL;
return 0;
} else {
paralimit--;
-   add_proc(j, pid);
return 1;
}
}
@@ -622,7 +621,7 @@ run_command(struct cfjail *j)
 /*
  * Add a process to the hash, tied to a jail.
  */
-static void
+static int
 add_proc(struct cfjail *j, pid_t pid)
 {
struct kevent ke;
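Review bot: The header comment `Add a process to the hash, tied to a jail.` was not updated for the new return value. I suggest `/* Add a process to the hash, tied to a jail. Returns 1 if the process is now tracked, 0 if it was already gone (kevent failed with ESRCH). */`. The callers in the other hunks use the result differently: run_command treats 0 like a background command, while term_procs discards it with `(void)`, so the contract belongs on the function. add_proc's body continues outside this hunk.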
@@ -632,8 +631,11 @@ add_proc(struct cfjail *j, pid_t pid)
if (!kq  (kq = kqueue())  0)
err(1, kqueue);
EV_SET(ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL);
-   if (kevent(kq, ke, 1, NULL, 0, NULL)  0)
+   if (kevent(kq, ke, 1, NULL, 0, NULL)  0) {
+   if (errno == ESRCH)
+   return 0;
err(1, kevent);
+   }
ph = emalloc(sizeof(struct phash));
ph-j = j;
ph-pid = pid;
@@ -658,6 +660,7 @@ add_proc(struct cfjail *j, pid_t pid)
TAILQ_INSERT_TAIL(sleeping, j, tq);
j-queue = sleeping;
}
+   return 1;
 }
 
 /*
@@ -730,7 +733,7 @@ term_procs(struct cfjail *j)
for (i = 0; i  pcnt; i++)
if (ki[i].ki_jid == j-jid 
kill(ki[i].ki_pid, SIGTERM) == 0) {
-   add_proc(j, ki[i].ki_pid);
+   (void)add_proc(j, ki[i].ki_pid);
if (verbose  0) {
if (!noted) {
noted = 1;


svn commit: r241196 - head/usr.sbin/jail

2012-10-04 Thread Jamie Gritton
Author: jamie
Date: Thu Oct  4 18:59:46 2012
New Revision: 241196
URL: http://svn.freebsd.org/changeset/base/241196

Log:
  Move properly to the next parameter when jailparam_init fails
   (i.e. on an unknown parameter), to avoid freeing bogus pointers.

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Oct  4 15:42:45 2012(r241195)
+++ head/usr.sbin/jail/config.c Thu Oct  4 18:59:46 2012(r241196)
@@ -690,6 +690,7 @@ import_params(struct cfjail *j)
if (jailparam_init(jp, p-name)  0) {
error = -1;
jail_warnx(j, %s, jail_errmsg);
+   jp++;
continue;
}
if (TAILQ_EMPTY(p-val))


svn commit: r241197 - head/lib/libjail

2012-10-04 Thread Jamie Gritton
Author: jamie
Date: Thu Oct  4 19:07:05 2012
New Revision: 241197
URL: http://svn.freebsd.org/changeset/base/241197

Log:
  Fix some memory allocation errors:
  
  * jail_setv will leak a parameter name if jailparam_import fails.
  * jailparam_all loses the jailparam pointer on realloc error
(a clear freshman mistake).
  * If jailparam_init fails, the caller doesn't need to jailparam_free
the buffer.  That's not really clear, so set things to NULL allowing
jailparam_free to work without error (though it's still not required).

Modified:
  head/lib/libjail/jail.c

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Thu Oct  4 18:59:46 2012(r241196)
+++ head/lib/libjail/jail.c Thu Oct  4 19:07:05 2012(r241197)
@@ -85,19 +85,22 @@ jail_setv(int flags, ...)
(void)va_arg(tap, char *);
va_end(tap);
jp = alloca(njp * sizeof(struct jailparam));
-   for (njp = 0; (name = va_arg(ap, char *)) != NULL; njp++) {
+   for (njp = 0; (name = va_arg(ap, char *)) != NULL;) {
value = va_arg(ap, char *);
-   if (jailparam_init(jp + njp, name)  0 ||
-   jailparam_import(jp + njp, value)  0) {
-   jailparam_free(jp, njp);
-   va_end(ap);
-   return (-1);
-   }
+   if (jailparam_init(jp + njp, name)  0)
+   goto error;
+   if (jailparam_import(jp + njp++, value)  0)
+   goto error;
}
va_end(ap);
jid = jailparam_set(jp, njp, flags);
jailparam_free(jp, njp);
return (jid);
+
+ error:
+   jailparam_free(jp, njp);
+   va_end(ap);
+   return (-1);
 }
 
 /*
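Review bot: The `njp++` folded into `jailparam_import(jp + njp++, value)` is what makes the `error:` path free the parameter whose import just failed, and it is easy to miss or to undo in a later cleanup. I would keep the expression but document it on the line above, e.g. `/* count this parameter before the check so error: frees it too */`. A failed `jailparam_init` deliberately leaves `njp` untouched, so the same comment could note that the init failure path frees only the earlier entries. jail_setv starts above this hunk.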
@@ -195,7 +198,7 @@ jail_getv(int flags, ...)
 int
 jailparam_all(struct jailparam **jpp)
 {
-   struct jailparam *jp;
+   struct jailparam *jp, *tjp;
size_t mlen1, mlen2, buflen;
int njp, nlist;
int mib1[CTL_MAXNAME], mib2[CTL_MAXNAME - 2];
@@ -242,11 +245,10 @@ jailparam_all(struct jailparam **jpp)
/* Add the parameter to the list */
if (njp = nlist) {
nlist *= 2;
-   jp = realloc(jp, nlist * sizeof(*jp));
-   if (jp == NULL) {
-   jailparam_free(jp, njp);
-   return (-1);
-   }
+   tjp = realloc(jp, nlist * sizeof(*jp));
+   if (tjp == NULL)
+   goto error;
+   jp = tjp;
}
if (jailparam_init(jp + njp, buf + sizeof(SJPARAM))  0)
goto error;
@@ -277,6 +279,8 @@ jailparam_init(struct jailparam *jp, con
}
if (jailparam_type(jp)  0) {
jailparam_free(jp, 1);
+   jp-jp_name = NULL;
+   jp-jp_value = NULL;
return (-1);
}
return (0);


svn commit: r239621 - head/usr.sbin/jail

2012-08-23 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 23 19:39:23 2012
New Revision: 239621
URL: http://svn.freebsd.org/changeset/base/239621

Log:
  Partially roll back r239601 - keep parameter strings both length-delimited
  and null-terminated at the same time, because they're later passed to
  libjail as null-terminated.  That means I also need to add a nul byte when
  comma-combining array parameters.
  
  MFC after:6 days

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Aug 23 19:32:57 2012(r239620)
+++ head/usr.sbin/jail/config.c Thu Aug 23 19:39:23 2012(r239621)
@@ -597,6 +597,7 @@ check_intparams(struct cfjail *j)
ip4.addr: bad netmask \%s\, cs);
error = -1; 
}
+   *cs = '\0';
s-len = cs - s-s;
}
}
@@ -620,6 +621,7 @@ check_intparams(struct cfjail *j)
cs);
error = -1; 
}
+   *cs = '\0';
s-len = cs - s-s;
}
}
@@ -713,11 +715,10 @@ import_params(struct cfjail *j)
cs = value;
TAILQ_FOREACH_SAFE(s, p-val, tq, ts) {
memcpy(cs, s-s, s-len);
-   if (ts != NULL) {
-   cs += s-len + 1;
-   cs[-1] = ',';
-   }
+   cs += s-len + 1;
+   cs[-1] = ',';
}
+   value[vallen - 1] = '\0';
}
if (jailparam_import(jp, value)  0) {
error = -1;
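Review bot: The loop now writes a comma after every element, including the last, and relies on `value[vallen - 1] = '\0';` landing on that final comma. That holds only if `vallen` is exactly the sum of `s->len + 1` over the list, which is computed above this hunk and cannot be checked here. If `vallen` were smaller, the last `cs[-1] = ','` would write outside the `alloca` buffer. A comment stating the invariant would protect it, for example `/* vallen == sum(len + 1): the final comma is replaced by the terminator below */`. import_params starts and ends outside this hunk.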


svn commit: r239602 - head/usr.sbin/jail

2012-08-22 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 23 01:43:22 2012
New Revision: 239602
URL: http://svn.freebsd.org/changeset/base/239602

Log:
  Pre-separate IP addresses passed on the command line, so they can be
  properly parsed for interface prefixes and netmask suffixes.  This was
  already done for the old-style (fixed) command line, but missed for
  the new-style.
  
  MFC after:1 week

Modified:
  head/usr.sbin/jail/jail.c

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Thu Aug 23 01:43:01 2012(r239601)
+++ head/usr.sbin/jail/jail.c   Thu Aug 23 01:43:22 2012(r239602)
@@ -304,9 +304,33 @@ main(int argc, char **argv)
for (i++; i  argc; i++)
add_param(NULL, NULL, IP_COMMAND,
argv[i]);
-   break;
}
-   add_param(NULL, NULL, 0, argv[i]);
+#ifdef INET
+   else if (!strncmp(argv[i], ip4.addr=, 9)) {
+   for (cs = argv[i] + 9;; cs = ncs + 1) {
+   ncs = strchr(cs, ',');
+   if (ncs)
+   *ncs = '\0';
+   add_param(NULL, NULL, KP_IP4_ADDR, cs);
+   if (!ncs)
+   break;
+   }
+   }
+#endif
+#ifdef INET6
+   else if (!strncmp(argv[i], ip6.addr=, 9)) {
+   for (cs = argv[i] + 9;; cs = ncs + 1) {
+   ncs = strchr(cs, ',');
+   if (ncs)
+   *ncs = '\0';
+   add_param(NULL, NULL, KP_IP6_ADDR, cs);
+   if (!ncs)
+   break;
+   }
+   }
+#endif
+   else
+   add_param(NULL, NULL, 0, argv[i]);
}
} else {
/* From the config file, perhaps with a specified jail */
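Review bot: The `ip4.addr=` and `ip6.addr=` branches are the same loop written twice, and both hard-code the prefix length as `9`. Tying the length to the literal, e.g. `sizeof("ip4.addr=") - 1`, and moving the split loop into one static helper that takes the remaining string and the parameter key would remove the duplication. The loop also overwrites the commas in `argv[i]` in place; a one-line comment saying this is intended would help the next reader. main starts and ends outside this hunk.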


svn commit: r239601 - head/usr.sbin/jail

2012-08-22 Thread Jamie Gritton
Author: jamie
Date: Thu Aug 23 01:43:01 2012
New Revision: 239601
URL: http://svn.freebsd.org/changeset/base/239601

Log:
  Remember that I'm using length-defined strings in parameters:
  
   Remove a bogus null terminator when stripping the netmask from
   IP addresses.  This was causing later addresses in a comma-separated
   string to disappear.
  
   Use memcpy instead of strcpy.  This could just cause Bad Things.
  
  PR:   170832
  MFC after:1 week

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Aug 23 00:39:08 2012(r239600)
+++ head/usr.sbin/jail/config.c Thu Aug 23 01:43:01 2012(r239601)
@@ -597,8 +597,7 @@ check_intparams(struct cfjail *j)
ip4.addr: bad netmask \%s\, cs);
error = -1; 
}
-   *cs = '\0';
-   s-len = cs - s-s + 1;
+   s-len = cs - s-s;
}
}
}
@@ -621,8 +620,7 @@ check_intparams(struct cfjail *j)
cs);
error = -1; 
}
-   *cs = '\0';
-   s-len = cs - s-s + 1;
+   s-len = cs - s-s;
}
}
}
@@ -714,7 +712,7 @@ import_params(struct cfjail *j)
value = alloca(vallen);
cs = value;
TAILQ_FOREACH_SAFE(s, p-val, tq, ts) {
-   strcpy(cs, s-s);
+   memcpy(cs, s-s, s-len);
if (ts != NULL) {
cs += s-len + 1;
cs[-1] = ',';
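Review bot: After the switch from `strcpy` to `memcpy`, nothing in this hunk writes a terminating NUL after the last element, because the `if (ts != NULL)` branch only adds the comma between elements. If `value` is then handed on as a C string, which the log of r239621 on this page says it is, the final element is followed by whatever the `alloca` buffer held. The copy loop should end with an explicit terminator, e.g. `value[vallen - 1] = '\0';` after the loop, assuming `vallen` counts one extra byte per element (its computation is above the hunk). import_params starts and ends outside this hunk.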


svn commit: r236198 - head/usr.sbin/jail

2012-05-28 Thread Jamie Gritton
Author: jamie
Date: Mon May 28 20:44:11 2012
New Revision: 236198
URL: http://svn.freebsd.org/changeset/base/236198

Log:
  When writing the jid via the -i flag, do it right when the jail is created,
  before any commands run.  /etc/rc.d/jail depends on this.

Modified:
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/jailp.h

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cMon May 28 19:48:37 2012
(r236197)
+++ head/usr.sbin/jail/command.cMon May 28 20:44:11 2012
(r236198)
@@ -246,7 +246,7 @@ next_proc(int nonblock)
 /*
  * Run a single command for a jail, possible inside the jail.
  */
-int
+static int
 run_command(struct cfjail *j)
 {
const struct passwd *pwd;
@@ -290,6 +290,8 @@ run_command(struct cfjail *j)
} else {
if (create_jail(j)  0)
return -1;
+   if (iflag)
+   printf(%d\n, j-jid);
if (verbose = 0  (j-name || verbose  0))
jail_note(j, created\n);
dep_done(j, DF_LIGHT);
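Review bot: The jid is written with `printf` and nothing in this hunk flushes it. When stdout is a file or a pipe, the line may therefore sit in the stdio buffer until exit, after the jail's commands have produced their own output. The log says /etc/rc.d/jail depends on the jid being written before any commands run, so I would follow the write with `fflush(stdout);` unless stdout is made unbuffered somewhere outside this hunk. run_command starts and ends outside the hunk.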

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Mon May 28 19:48:37 2012(r236197)
+++ head/usr.sbin/jail/jail.c   Mon May 28 20:44:11 2012(r236198)
@@ -55,6 +55,7 @@ struct permspec {
 };
 
 const char *cfname;
+int iflag;
 int note_remove;
 int verbose;
 
@@ -129,7 +130,7 @@ main(int argc, char **argv)
size_t sysvallen;
unsigned op, pi;
int ch, docf, error, i, oldcl, sysval;
-   int dflag, iflag, Rflag;
+   int dflag, Rflag;
char enforce_statfs[4];
 #if defined(INET) || defined(INET6)
char *cs, *ncs;
@@ -139,7 +140,7 @@ main(int argc, char **argv)
 #endif
 
op = 0;
-   dflag = iflag = Rflag = 0;
+   dflag = Rflag = 0;
docf = 1;
cfname = CONF_FILE;
JidFile = NULL;
@@ -415,8 +416,6 @@ main(int argc, char **argv)
continue;
jail_create_done:
clear_persist(j);
-   if (iflag)
-   printf(%d\n, j-jid);
if (jfp != NULL)
print_jail(jfp, j, oldcl);
dep_done(j, 0);

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Mon May 28 19:48:37 2012(r236197)
+++ head/usr.sbin/jail/jailp.h  Mon May 28 20:44:11 2012(r236198)
@@ -227,6 +227,7 @@ extern struct cfjails cfjails;
 extern struct cfjails ready;
 extern struct cfjails depend;
 extern const char *cfname;
+extern int iflag;
 extern int note_remove;
 extern int paralimit;
 extern int verbose;


svn commit: r235949 - head/usr.sbin/jail

2012-05-24 Thread Jamie Gritton
Author: jamie
Date: Fri May 25 00:38:06 2012
New Revision: 235949
URL: http://svn.freebsd.org/changeset/base/235949

Log:
  Don't try to set a null TERM environment.
  
  Submitted by: Mateusz Guzik mjguzik gmail.com

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cFri May 25 00:18:19 2012
(r235948)
+++ head/usr.sbin/jail/command.cFri May 25 00:38:06 2012
(r235949)
@@ -584,7 +584,8 @@ run_command(struct cfjail *j)
term = getenv(TERM);
environ = cleanenv;
setenv(PATH, /bin:/usr/bin, 0);
-   setenv(TERM, term, 1);
+   if (term != NULL)
+   setenv(TERM, term, 1);
}
if (setusercontext(lcap, pwd, pwd-pw_uid, username
? LOGIN_SETALL  ~LOGIN_SETGROUP  ~LOGIN_SETLOGIN
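Review bot: Both `setenv` calls in the clean-environment branch discard their return value, so an allocation failure lets the jailed command start without PATH or TERM and with no diagnostic. The new guard could check the result in the same condition, `if (term != NULL && setenv("TERM", term, 1) != 0)`, with a matching check on the PATH call, and take whatever error path this function uses for its other failures. A short comment that TERM is the only variable carried over from the invoking environment would also help readers of the clean-environment logic. run_command begins before the hunk and the setusercontext call continues past it.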


svn commit: r235840 - head/usr.sbin/jail

2012-05-23 Thread Jamie Gritton
Author: jamie
Date: Wed May 23 15:30:13 2012
New Revision: 235840
URL: http://svn.freebsd.org/changeset/base/235840

Log:
  Note that the new jail(8) will be appearing in 9.1.

Modified:
  head/usr.sbin/jail/jail.8
  head/usr.sbin/jail/jail.conf.5

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Wed May 23 15:29:34 2012(r235839)
+++ head/usr.sbin/jail/jail.8   Wed May 23 15:30:13 2012(r235840)
@@ -25,7 +25,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd April 26, 2012
+.Dd May 23, 2012
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -1183,7 +1183,7 @@ utility appeared in
 Hierarchical/extensible jails were introduced in
 .Fx 8.0 .
 The configuration file was introduced in
-.Fx 10.0 .
+.Fx 9.1 .
 .Sh AUTHORS
 .An -nosplit
 The jail feature was written by

Modified: head/usr.sbin/jail/jail.conf.5
==
--- head/usr.sbin/jail/jail.conf.5  Wed May 23 15:29:34 2012
(r235839)
+++ head/usr.sbin/jail/jail.conf.5  Wed May 23 15:30:13 2012
(r235840)
@@ -24,7 +24,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd April 26, 2012
+.Dd May 23, 2012
 .Dt JAIL.CONF 5
 .Os
 .Sh NAME
@@ -217,7 +217,7 @@ utility appeared in
 The
 .Nm
 file was added in
-.Fx 10.0 .
+.Fx 9.1 .
 .Sh AUTHORS
 .An -nosplit
 The jail feature was written by


svn commit: r235799 - head/lib/libjail

2012-05-22 Thread Jamie Gritton
Author: jamie
Date: Tue May 22 18:30:32 2012
New Revision: 235799
URL: http://svn.freebsd.org/changeset/base/235799

Log:
  The fix in r235291 re-broke the allow.nomount case.  Re-fix it
  by testing for the right parameter name.

Modified:
  head/lib/libjail/jail.c

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Tue May 22 18:30:14 2012(r235798)
+++ head/lib/libjail/jail.c Tue May 22 18:30:32 2012(r235799)
@@ -853,7 +853,7 @@ jailparam_free(struct jailparam *jp, uns
 static int
 jailparam_type(struct jailparam *jp)
 {
-   char *p, *nname;
+   char *p, *name, *nname;
size_t miblen, desclen;
int i, isarray;
struct {
@@ -863,7 +863,8 @@ jailparam_type(struct jailparam *jp)
int mib[CTL_MAXNAME];
 
/* The lastjid parameter isn't real. */
-   if (!strcmp(jp-jp_name, lastjid)) {
+   name = jp-jp_name;
+   if (!strcmp(name, lastjid)) {
jp-jp_valuelen = sizeof(int);
jp-jp_ctltype = CTLTYPE_INT | CTLFLAG_WR;
return (0);
@@ -872,19 +873,19 @@ jailparam_type(struct jailparam *jp)
/* Find the sysctl that describes the parameter. */
mib[0] = 0;
mib[1] = 3;
-   snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, jp-jp_name);
+   snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, name);
miblen = sizeof(mib) - 2 * sizeof(int);
if (sysctl(mib, 2, mib + 2, miblen, desc.s, strlen(desc.s))  0) {
if (errno != ENOENT) {
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
-   sysctl(0.3.%s): %s, jp-jp_name, strerror(errno));
+   sysctl(0.3.%s): %s, name, strerror(errno));
return (-1);
}
/*
 * The parameter probably doesn't exist.  But it might be
 * the no counterpart to a boolean.
 */
-   nname = nononame(jp-jp_name);
+   nname = nononame(name);
if (nname == NULL) {
unknown_parameter:
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
@@ -892,8 +893,10 @@ jailparam_type(struct jailparam *jp)
errno = ENOENT;
return (-1);
}
-   snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, nname);
+   name = alloca(strlen(nname) + 1);
+   strcpy(name, nname);
free(nname);
+   snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, name);
miblen = sizeof(mib) - 2 * sizeof(int);
if (sysctl(mib, 2, mib + 2, miblen, desc.s,
strlen(desc.s))  0)
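Review bot: `alloca(strlen(nname) + 1)` sizes a stack allocation from the caller-supplied parameter name, and alloca has no failure return, so an over-long name overruns the stack instead of producing an error. The name is only usable if `SJPARAM "." name` fits in desc.s, so rejecting longer names before the copy bounds it: `if (strlen(nname) >= sizeof(desc.s) - sizeof(SJPARAM)) { free(nname); goto unknown_parameter; }`. Alternatively, keep nname on the heap and free it on the function's exit paths. jailparam_type starts and ends outside this hunk.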
@@ -906,7 +909,7 @@ jailparam_type(struct jailparam *jp)
if (sysctl(mib, (miblen / sizeof(int)) + 2, desc, desclen,
NULL, 0)  0) {
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
-   sysctl(0.4.%s): %s, jp-jp_name, strerror(errno));
+   sysctl(0.4.%s): %s, name, strerror(errno));
return (-1);
}
jp-jp_ctltype = desc.i;
@@ -952,7 +955,7 @@ jailparam_type(struct jailparam *jp)
if (sysctl(mib + 2, miblen / sizeof(int), desc.s, desclen,
NULL, 0)  0) {
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
-   sysctl( SJPARAM .%s): %s, jp-jp_name,
+   sysctl( SJPARAM .%s): %s, name,
strerror(errno));
return (-1);
}
@@ -970,7 +973,7 @@ jailparam_type(struct jailparam *jp)
if (sysctl(mib + 2, miblen / sizeof(int),
NULL, jp-jp_valuelen, NULL, 0)  0) {
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
-   sysctl( SJPARAM .%s): %s, jp-jp_name,
+   sysctl( SJPARAM .%s): %s, name,
strerror(errno));
return (-1);
}
@@ -995,10 +998,9 @@ jailparam_type(struct jailparam *jp)
sysctl(0.1): %s, strerror(errno));
return (-1);
}
-   if (desclen ==
-   sizeof(SJPARAM) + strlen(jp-jp_name) + 2 
+   if (desclen == sizeof(SJPARAM) + strlen(name) + 2 
memcmp(SJPARAM ., desc.s, sizeof(SJPARAM)) == 0 
-   memcmp(jp-jp_name, desc.s + sizeof(SJPARAM),
+   memcmp(name, desc.s + sizeof(SJPARAM),
desclen - sizeof(SJPARAM) - 2) == 0 
desc.s[desclen - 2] == '.')
goto mib_desc;

svn commit: r235291 - head/lib/libjail

2012-05-11 Thread Jamie Gritton
Author: jamie
Date: Fri May 11 21:22:52 2012
New Revision: 235291
URL: http://svn.freebsd.org/changeset/base/235291

Log:
  The linker isn't consistent in the ordering of dynamic sysctls, so don't
  assume that the unnamed final component of security.jail.param.foo. is
  one less than the foo component.  It might be one greater instead.

Modified:
  head/lib/libjail/jail.c

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Fri May 11 21:13:43 2012(r235290)
+++ head/lib/libjail/jail.c Fri May 11 21:22:52 2012(r235291)
@@ -855,7 +855,7 @@ jailparam_type(struct jailparam *jp)
 {
char *p, *nname;
size_t miblen, desclen;
-   int isarray;
+   int i, isarray;
struct {
int i;
char s[MAXPATHLEN];
@@ -977,21 +977,33 @@ jailparam_type(struct jailparam *jp)
}
break;
case CTLTYPE_NODE:
-   /* A node might be described by an empty-named child. */
+   /*
+* A node might be described by an empty-named child,
+* which would be immediately before or after the node itself.
+*/
mib[1] = 1;
-   mib[(miblen / sizeof(int)) + 2] =
-   mib[(miblen / sizeof(int)) + 1] - 1;
miblen += sizeof(int);
-   desclen = sizeof(desc.s);
-   if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s, desclen,
-   NULL, 0)  0) {
-   snprintf(jail_errmsg, JAIL_ERRMSGLEN,
-   sysctl(0.1): %s, strerror(errno));
-   return (-1);
+   for (i = -1; i = 1; i += 2) {
+   mib[(miblen / sizeof(int)) + 1] =
+   mib[(miblen / sizeof(int))] + i;
+   desclen = sizeof(desc.s);
+   if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s,
+   desclen, NULL, 0)  0) {
+   if (errno == ENOENT)
+   continue;
+   snprintf(jail_errmsg, JAIL_ERRMSGLEN,
+   sysctl(0.1): %s, strerror(errno));
+   return (-1);
+   }
+   if (desclen ==
+   sizeof(SJPARAM) + strlen(jp-jp_name) + 2 
+   memcmp(SJPARAM ., desc.s, sizeof(SJPARAM)) == 0 
+   memcmp(jp-jp_name, desc.s + sizeof(SJPARAM),
+   desclen - sizeof(SJPARAM) - 2) == 0 
+   desc.s[desclen - 2] == '.')
+   goto mib_desc;
}
-   if (desc.s[desclen - 2] != '.')
-   goto unknown_parameter;
-   goto mib_desc;
+   goto unknown_parameter;
default:
snprintf(jail_errmsg, JAIL_ERRMSGLEN,
unknown type for %s, jp-jp_name);
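Review bot: The four-part test added inside the loop needs a comment, because its length arithmetic is only correct under two unstated conventions. `sizeof(SJPARAM)` counts the literal's NUL, which stands in for the '.' separator, and desclen apparently counts the returned string's NUL; the second is inferred from the `+ 2` and the `desclen - 2` index. A line such as `/* Match exactly SJPARAM "." name "." including the terminating NUL. */` above the `if` would let a reader verify the bounds of both memcmp calls without re-deriving them. The enclosing switch and function extend beyond the hunk.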


svn commit: r234988 - head/usr.sbin/jail

2012-05-03 Thread Jamie Gritton
Author: jamie
Date: Thu May  3 21:39:23 2012
New Revision: 234988
URL: http://svn.freebsd.org/changeset/base/234988

Log:
  Add a meta-parameter IP__NULL to enum intparam, instead of mixing
  enum values and zeroes.  This keeps clang happy (and is just good form).
  
  Submitted by: dim

Modified:
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/config.c
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/jailp.h

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cThu May  3 21:21:45 2012
(r234987)
+++ head/usr.sbin/jail/command.cThu May  3 21:39:23 2012
(r234988)
@@ -100,7 +100,7 @@ next_command(struct cfjail *j)
if (j-comstring == NULL) {
j-comparam += create_failed ? -1 : 1;
switch ((comparam = *j-comparam)) {
-   case 0:
+   case IP__NULL:
return 0;
case IP_MOUNT_DEVFS:
if (!bool_param(j-intparams[IP_MOUNT_DEVFS]))

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu May  3 21:21:45 2012(r234987)
+++ head/usr.sbin/jail/config.c Thu May  3 21:39:23 2012(r234988)
@@ -328,7 +328,7 @@ add_param(struct cfjail *j, const struct
}
} else {
flags = PF_APPEND;
-   if (ipnum != 0) {
+   if (ipnum != IP__NULL) {
name = intparams[ipnum].name;
flags |= intparams[ipnum].flags;
} else if ((cs = strchr(value, '='))) {
@@ -350,7 +350,7 @@ add_param(struct cfjail *j, const struct
}
 
/* See if this parameter has already been added. */
-   if (ipnum != 0)
+   if (ipnum != IP__NULL)
dp = j-intparams[ipnum];
else
TAILQ_FOREACH(dp, j-params, tq)
@@ -375,10 +375,10 @@ add_param(struct cfjail *j, const struct
np-flags = flags;
np-gen = 0;
TAILQ_INSERT_TAIL(j-params, np, tq);
-   if (ipnum != 0)
+   if (ipnum != IP__NULL)
j-intparams[ipnum] = np;
else
-   for (ipnum = 1; ipnum  IP_NPARAM; ipnum++)
+   for (ipnum = IP__NULL + 1; ipnum  IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags  PF_CONV) 
equalopts(name, intparams[ipnum].name)) {
j-intparams[ipnum] = np;

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Thu May  3 21:21:45 2012(r234987)
+++ head/usr.sbin/jail/jail.c   Thu May  3 21:39:23 2012(r234988)
@@ -81,7 +81,7 @@ static struct permspec perm_sysctl[] = {
 };
 
 static const enum intparam startcommands[] = {
-0,
+IP__NULL,
 #ifdef INET
 IP__IP4_IFADDR,
 #endif
@@ -97,11 +97,11 @@ static const enum intparam startcommands
 IP_EXEC_START,
 IP_COMMAND,
 IP_EXEC_POSTSTART,
-0
+IP__NULL
 };
 
 static const enum intparam stopcommands[] = {
-0,
+IP__NULL,
 IP_EXEC_PRESTOP,
 IP_EXEC_STOP,
 IP_STOP_TIMEOUT,
@@ -116,7 +116,7 @@ static const enum intparam stopcommands[
 #ifdef INET
 IP__IP4_IFADDR,
 #endif
-0
+IP__NULL
 };
 
 int

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Thu May  3 21:21:45 2012(r234987)
+++ head/usr.sbin/jail/jailp.h  Thu May  3 21:39:23 2012(r234988)
@@ -71,7 +71,8 @@
 #define JF_DO_STOP(js) (((js)  (JF_SET | JF_STOP)) == JF_STOP)
 
 enum intparam {
-   IP_ALLOW_DYING = 1, /* Allow making changes to a dying jail */
+   IP__NULL = 0,   /* Null command */
+   IP_ALLOW_DYING, /* Allow making changes to a dying jail */
IP_COMMAND, /* Command run inside jail at creation */
IP_DEPEND,  /* Jail starts after (stops before) another */
IP_EXEC_CLEAN,  /* Run commands in a clean environment */
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org


svn commit: r234934 - head/usr.sbin/jail

2012-05-02 Thread Jamie Gritton
Author: jamie
Date: Wed May  2 21:24:08 2012
New Revision: 234934
URL: http://svn.freebsd.org/changeset/base/234934

Log:
  Add YY_NO_INPUT so clang doesn't complain about input not being used.

Modified:
  head/usr.sbin/jail/jaillex.l

Modified: head/usr.sbin/jail/jaillex.l
==
--- head/usr.sbin/jail/jaillex.lWed May  2 20:01:28 2012
(r234933)
+++ head/usr.sbin/jail/jaillex.lWed May  2 21:24:08 2012
(r234934)
@@ -36,6 +36,7 @@ __FBSDID($FreeBSD$);
 #include jailp.h
 #include y.tab.h
 
+#define YY_NO_INPUT
 #define YY_NO_UNPUT
 
 extern int yynerrs;


svn commit: r234744 - head/usr.sbin/jail

2012-04-27 Thread Jamie Gritton
Author: jamie
Date: Fri Apr 27 23:39:21 2012
New Revision: 234744
URL: http://svn.freebsd.org/changeset/base/234744

Log:
  Fix the dates and history as of the move to HEAD.

Modified:
  head/usr.sbin/jail/jail.conf.5

Modified: head/usr.sbin/jail/jail.conf.5
==
--- head/usr.sbin/jail/jail.conf.5  Fri Apr 27 22:27:21 2012
(r234743)
+++ head/usr.sbin/jail/jail.conf.5  Fri Apr 27 23:39:21 2012
(r234744)
@@ -1,4 +1,4 @@
-.\ Copyright (c) 2011 James Gritton
+.\ Copyright (c) 2012 James Gritton
 .\ All rights reserved.
 .\
 .\ Redistribution and use in source and binary forms, with or without
@@ -24,7 +24,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd October 20, 2010
+.Dd April 26, 2012
 .Dt JAIL.CONF 5
 .Os
 .Sh NAME
@@ -217,7 +217,7 @@ utility appeared in
 The
 .Nm
 file was added in
-.Fx 9.0 .
+.Fx 10.0 .
 .Sh AUTHORS
 .An -nosplit
 The jail feature was written by


svn commit: r234712 - in head: lib/libc/sys usr.sbin/jail

2012-04-26 Thread Jamie Gritton
Author: jamie
Date: Thu Apr 26 17:36:05 2012
New Revision: 234712
URL: http://svn.freebsd.org/changeset/base/234712

Log:
  A new jail(8) with a configuration file, ultimately to replace the work
  currently done by /etc/rc.d/jail.
  
  MFC after:3 months

Added:
  head/usr.sbin/jail/command.c
 - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/command.c
  head/usr.sbin/jail/config.c
 - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/config.c
  head/usr.sbin/jail/jail.conf.5
 - copied unchanged from r232242, 
projects/jailconf/usr.sbin/jail/jail.conf.5
  head/usr.sbin/jail/jaillex.l
 - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/jaillex.l
  head/usr.sbin/jail/jailp.h
 - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/jailp.h
  head/usr.sbin/jail/jailparse.y
 - copied unchanged from r232242, 
projects/jailconf/usr.sbin/jail/jailparse.y
  head/usr.sbin/jail/state.c
 - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/state.c
Modified:
  head/lib/libc/sys/jail.2
  head/usr.sbin/jail/Makefile
  head/usr.sbin/jail/jail.8
  head/usr.sbin/jail/jail.c
Directory Properties:
  head/lib/libc/   (props changed)
  head/usr.sbin/jail/   (props changed)

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Thu Apr 26 17:35:11 2012(r234711)
+++ head/lib/libc/sys/jail.2Thu Apr 26 17:36:05 2012(r234712)
@@ -247,44 +247,6 @@ They return \-1 on failure, and set
 to indicate the error.
 .Pp
 .Rv -std jail_attach jail_remove
-.Sh PRISON?
-Once a process has been put in a prison, it and its descendants cannot escape
-the prison.
-.Pp
-Inside the prison, the concept of
-.Dq superuser
-is very diluted.
-In general,
-it can be assumed that nothing can be mangled from inside a prison which
-does not exist entirely inside that prison.
-For instance the directory
-tree below
-.Dq Li path
-can be manipulated all the ways a root can normally do it, including
-.Dq Li rm -rf /*
-but new device special nodes cannot be created because they reference
-shared resources (the device drivers in the kernel).
-The effective
-.Dq securelevel
-for a process is the greater of the global
-.Dq securelevel
-or, if present, the per-jail
-.Dq securelevel .
-.Pp
-All IP activity will be forced to happen to/from the IP number specified,
-which should be an alias on one of the network interfaces.
-All connections to/from the loopback address
-.Pf ( Li 127.0.0.1
-for IPv4,
-.Li ::1
-for IPv6) will be changed to be to/from the primary address
-of the jail for the given address family.
-.Pp
-It is possible to identify a process as jailed by examining
-.Dq Li /proc/pid/status :
-it will show a field near the end of the line, either as
-a single hyphen for a process at large, or the name currently
-set for the prison for jailed processes.
 .Sh ERRORS
 The
 .Fn jail
@@ -415,7 +377,7 @@ and
 .Fn jail_attach
 call
 .Xr chroot 2
-internally, so it can fail for all the same reasons.
+internally, so they can fail for all the same reasons.
 Please consult the
 .Xr chroot 2
 manual page for details.

Modified: head/usr.sbin/jail/Makefile
==
--- head/usr.sbin/jail/Makefile Thu Apr 26 17:35:11 2012(r234711)
+++ head/usr.sbin/jail/Makefile Thu Apr 26 17:36:05 2012(r234712)
@@ -3,9 +3,14 @@
 .include bsd.own.mk
 
 PROG=  jail
-MAN=   jail.8
-DPADD= ${LIBJAIL} ${LIBUTIL}
-LDADD= -ljail -lutil
+MAN=   jail.8 jail.conf.5
+SRCS=  jail.c command.c config.c state.c jailp.h jaillex.l jailparse.y y.tab.h
+
+DPADD= ${LIBJAIL} ${LIBKVM} ${LIBUTIL} ${LIBL}
+LDADD= -ljail -lkvm -lutil -ll
+
+YFLAGS+=-v
+CFLAGS+=-I. -I${.CURDIR}
 
 .if ${MK_INET6_SUPPORT} != no
 CFLAGS+= -DINET6
@@ -14,4 +19,6 @@ CFLAGS+= -DINET6
 CFLAGS+= -DINET
 .endif
 
+CLEANFILES= y.output
+
 .include bsd.prog.mk

Copied: head/usr.sbin/jail/command.c (from r232242, 
projects/jailconf/usr.sbin/jail/command.c)
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/usr.sbin/jail/command.cThu Apr 26 17:36:05 2012
(r234712, copy of r232242, projects/jailconf/usr.sbin/jail/command.c)
@@ -0,0 +1,857 @@
+/*-
+ * Copyright (c) 2011 James Gritton
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS 
