svn commit: r368676 - head/usr.sbin/jls

2020-12-15 Thread Jamie Gritton 
Author: jamie
Date: Tue Dec 15 20:56:35 2020
New Revision: 368676
URL: https://svnweb.freebsd.org/changeset/base/368676

Log:
  Bugfix to not hide jailparam flags, which for example changes the output
  "vnet=2" to the less opaque "vnet=inherit"
  
  Reported by:  kevans
  MFC after:5 days

Modified:
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Tue Dec 15 20:02:40 2020(r368675)
+++ head/usr.sbin/jls/jls.c Tue Dec 15 20:56:35 2020(r368676)
@@ -323,7 +323,7 @@ add_param(const char *name, void *value, size_t valuel
}
xo_errx(1, "%s", jail_errmsg);
}
-   param->jp_flags = flags;
+   param->jp_flags |= flags;
return param - params;
 }
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r365321 - stable/12/sys/sys

2020-09-03 Thread Jamie Gritton 
Author: jamie
Date: Fri Sep  4 00:24:31 2020
New Revision: 365321
URL: https://svnweb.freebsd.org/changeset/base/365321

Log:
  MFC r364970:
  
  Add __BEGIN_DECLS to jail.h to keep C++ happy.
  
  PR:   238928
  Reported by:  yuri@

Modified:
  stable/12/sys/sys/jail.h
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/sys/sys/jail.h
==
--- stable/12/sys/sys/jail.hFri Sep  4 00:22:24 2020(r365320)
+++ stable/12/sys/sys/jail.hFri Sep  4 00:24:31 2020(r365321)
@@ -110,11 +110,13 @@ struct xprison {
 
 struct iovec;
 
+__BEGIN_DECLS
 int jail(struct jail *);
 int jail_set(struct iovec *, unsigned int, int);
 int jail_get(struct iovec *, unsigned int, int);
 int jail_attach(int);
 int jail_remove(int);
+__END_DECLS
 
 #else /* _KERNEL */
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r365320 - stable/12/usr.sbin/jail

2020-09-03 Thread Jamie Gritton 
Author: jamie
Date: Fri Sep  4 00:22:24 2020
New Revision: 365320
URL: https://svnweb.freebsd.org/changeset/base/365320

Log:
  MFC r364850:
  
  Don't allow jail.conf variables to have the same names as jail parameters.
  It was already not allowed in many cases, but crashed instead of giving an
  error.
  
  PR:   248444

Modified:
  stable/12/usr.sbin/jail/config.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/usr.sbin/jail/config.c
==
--- stable/12/usr.sbin/jail/config.cFri Sep  4 00:12:28 2020
(r365319)
+++ stable/12/usr.sbin/jail/config.cFri Sep  4 00:22:24 2020
(r365320)
@@ -366,8 +366,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e
break;
if (dp != NULL) {
/* Found it - append or replace. */
+   if ((flags ^ dp->flags) & PF_VAR) {
+   jail_warnx(j, "variable \"$%s\" cannot have the same "
+   "name as a parameter.", name);
+   return;
+   }
if (dp->flags & PF_IMMUTABLE) {
-   jail_warnx(j, "cannot redefine variable \"%s\".",
+   jail_warnx(j, "cannot redefine parameter \"%s\".",
dp->name);
return;
}
@@ -394,6 +399,14 @@ add_param(struct cfjail *j, const struct cfparam *p, e
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
equalopts(name, intparams[ipnum].name)) {
+   if (flags & PF_VAR) {
+   jail_warnx(j,
+   "variable \"$%s\" "
+   "cannot have the same "
+   "name as a parameter.",
+   name);
+   return;
+   }
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r364970 - head/sys/sys

2020-08-29 Thread Jamie Gritton 
Author: jamie
Date: Sat Aug 29 22:24:41 2020
New Revision: 364970
URL: https://svnweb.freebsd.org/changeset/base/364970

Log:
  Add __BEGIN_DECLS to jail.h to keep C++ happy.
  
  PR:   238928
  Reported by:  yuri@

Modified:
  head/sys/sys/jail.h

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Sat Aug 29 22:09:36 2020(r364969)
+++ head/sys/sys/jail.h Sat Aug 29 22:24:41 2020(r364970)
@@ -110,11 +110,13 @@ struct xprison {
 
 struct iovec;
 
+__BEGIN_DECLS
 int jail(struct jail *);
 int jail_set(struct iovec *, unsigned int, int);
 int jail_get(struct iovec *, unsigned int, int);
 int jail_attach(int);
 int jail_remove(int);
+__END_DECLS
 
 #else /* _KERNEL */
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r364969 - stable/12/sys/kern

2020-08-29 Thread Jamie Gritton 
Author: jamie
Date: Sat Aug 29 22:09:36 2020
New Revision: 364969
URL: https://svnweb.freebsd.org/changeset/base/364969

Log:
  Fix a null dereference when debug.disablefullpath=1 and jail created
  with path=/.
  
  PR:   214881
  Submitted by: aler (at) playground.ru
  Reported by:  aler (at) playground.ru

Modified:
  stable/12/sys/kern/kern_jail.c

Modified: stable/12/sys/kern/kern_jail.c
==
--- stable/12/sys/kern/kern_jail.c  Sat Aug 29 21:47:49 2020
(r364968)
+++ stable/12/sys/kern/kern_jail.c  Sat Aug 29 22:09:36 2020
(r364969)
@@ -943,40 +943,45 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
error = EINVAL;
goto done_free;
}
-   NDINIT(, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
-   path, td);
-   error = namei();
-   if (error)
-   goto done_free;
-   root = nd.ni_vp;
-   NDFREE(, NDF_ONLY_PNBUF);
-   g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
-   strlcpy(g_path, path, MAXPATHLEN);
-   error = vn_path_to_global_path(td, root, g_path, MAXPATHLEN);
-   if (error == 0)
-   path = g_path;
-   else if (error == ENODEV) {
-   /* proceed if sysctl debug.disablefullpath == 1 */
-   fullpath_disabled = 1;
-   if (len < 2 || (len == 2 && path[0] == '/'))
-   path = NULL;
-   } else {
-   /* exit on other errors */
-   goto done_free;
-   }
-   if (root->v_type != VDIR) {
-   error = ENOTDIR;
-   vput(root);
-   goto done_free;
-   }
-   VOP_UNLOCK(root, 0);
-   if (fullpath_disabled) {
-   /* Leave room for a real-root full pathname. */
-   if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/")
-   ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
-   error = ENAMETOOLONG;
-   vrele(root);
+   if (len < 2 || (len == 2 && path[0] == '/'))
+   path = NULL;
+   else
+   {
+   NDINIT(, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE,
+   path, td);
+   error = namei();
+   if (error)
goto done_free;
+   root = nd.ni_vp;
+   NDFREE(, NDF_ONLY_PNBUF);
+   g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
+   strlcpy(g_path, path, MAXPATHLEN);
+   error = vn_path_to_global_path(td, root, g_path,
+   MAXPATHLEN);
+   if (error == 0)
+   path = g_path;
+   else if (error == ENODEV) {
+   /* means sysctl debug.disablefullpath == 1 */
+   fullpath_disabled = 1;
+   } else {
+   /* exit on other errors */
+   goto done_free;
+   }
+   if (root->v_type != VDIR) {
+   error = ENOTDIR;
+   vput(root);
+   goto done_free;
+   }
+   VOP_UNLOCK(root, 0);
+   if (fullpath_disabled) {
+   /* Leave room for a real-root full pathname. */
+   if (len + (path[0] == '/' &&
+   strcmp(mypr->pr_path, "/")
+   ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
+   error = ENAMETOOLONG;
+   vrele(root);
+   goto done_free;
+   }
}
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r364874 - head/usr.sbin/jail

2020-08-27 Thread Jamie Gritton 
Author: jamie
Date: Thu Aug 27 17:04:55 2020
New Revision: 364874
URL: https://svnweb.freebsd.org/changeset/base/364874

Log:
  Disregard jails in jail.conf that have bad parameters (parameter/variable
  clash, or redefining name/jid).  The current behvaior, of merely warning
  and moving on, can lead to unexpected behavior when a jail is created
  without the offending parameter defined at all.

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Aug 27 16:36:07 2020(r364873)
+++ head/usr.sbin/jail/config.c Thu Aug 27 17:04:55 2020(r364874)
@@ -369,11 +369,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e
if ((flags ^ dp->flags) & PF_VAR) {
jail_warnx(j, "variable \"$%s\" cannot have the same "
"name as a parameter.", name);
+   j->flags |= JF_FAILED;
return;
}
if (dp->flags & PF_IMMUTABLE) {
jail_warnx(j, "cannot redefine parameter \"%s\".",
dp->name);
+   j->flags |= JF_FAILED;
return;
}
if (strcmp(dp->name, name)) {
@@ -405,6 +407,7 @@ add_param(struct cfjail *j, const struct cfparam *p, e
"cannot have the same "
"name as a parameter.",
name);
+   j->flags |= JF_FAILED;
return;
}
j->intparams[ipnum] = np;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r364850 - head/usr.sbin/jail

2020-08-26 Thread Jamie Gritton 
Author: jamie
Date: Thu Aug 27 00:17:17 2020
New Revision: 364850
URL: https://svnweb.freebsd.org/changeset/base/364850

Log:
  Don't allow jail.conf variables to have the same names as jail parameters.
  It was already not allowed in many cases, but crashed instead of giving an
  error.
  
  PR:   248444

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Wed Aug 26 23:41:46 2020(r364849)
+++ head/usr.sbin/jail/config.c Thu Aug 27 00:17:17 2020(r364850)
@@ -366,8 +366,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e
break;
if (dp != NULL) {
/* Found it - append or replace. */
+   if ((flags ^ dp->flags) & PF_VAR) {
+   jail_warnx(j, "variable \"$%s\" cannot have the same "
+   "name as a parameter.", name);
+   return;
+   }
if (dp->flags & PF_IMMUTABLE) {
-   jail_warnx(j, "cannot redefine variable \"%s\".",
+   jail_warnx(j, "cannot redefine parameter \"%s\".",
dp->name);
return;
}
@@ -394,6 +399,14 @@ add_param(struct cfjail *j, const struct cfparam *p, e
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
equalopts(name, intparams[ipnum].name)) {
+   if (flags & PF_VAR) {
+   jail_warnx(j,
+   "variable \"$%s\" "
+   "cannot have the same "
+   "name as a parameter.",
+   name);
+   return;
+   }
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r364828 - head/usr.sbin/jail

2020-08-26 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 26 18:35:32 2020
New Revision: 364828
URL: https://svnweb.freebsd.org/changeset/base/364828

Log:
  Back out r364791 to unbreak jails.  Lesson learned: "compile and test" means
  running the test on the same executable that you just compiled.
  
  PR:   248444
  Pointy hat to:jamie

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Wed Aug 26 17:52:32 2020(r364827)
+++ head/usr.sbin/jail/config.c Wed Aug 26 18:35:32 2020(r364828)
@@ -393,8 +393,7 @@ add_param(struct cfjail *j, const struct cfparam *p, e
else
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
-   equalopts(name, intparams[ipnum].name) &&
-   !(p->flags & PF_VAR)) {
+   equalopts(name, intparams[ipnum].name)) {
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r364791 - head/usr.sbin/jail

2020-08-25 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 26 00:42:59 2020
New Revision: 364791
URL: https://svnweb.freebsd.org/changeset/base/364791

Log:
  Handle jail.conf variables that have the same names as parameters.
  
  PR:   248444
  Submitted by: Akos Somfai
  Reported by:  Markus Stoff

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Wed Aug 26 00:31:59 2020(r364790)
+++ head/usr.sbin/jail/config.c Wed Aug 26 00:42:59 2020(r364791)
@@ -393,7 +393,8 @@ add_param(struct cfjail *j, const struct cfparam *p, e
else
for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++)
if (!(intparams[ipnum].flags & PF_CONV) &&
-   equalopts(name, intparams[ipnum].name)) {
+   equalopts(name, intparams[ipnum].name) &&
+   !(p->flags & PF_VAR)) {
j->intparams[ipnum] = np;
np->flags |= intparams[ipnum].flags;
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r349180 - stable/12/usr.sbin/jail

2019-06-18 Thread Jamie Gritton 
Author: jamie
Date: Tue Jun 18 23:49:13 2019
New Revision: 349180
URL: https://svnweb.freebsd.org/changeset/base/349180

Log:
  Unmount filesystems on jail removal with "-f", to get around a situation
  where the jail root vnode reference is stopping the filesystem from
  unmounting, when the jail is removed by still exists in a dying state.
  
  PR:   238517
  Reported by:  matthias at harz.de

Modified:
  stable/12/usr.sbin/jail/command.c

Modified: stable/12/usr.sbin/jail/command.c
==
--- stable/12/usr.sbin/jail/command.c   Tue Jun 18 22:00:38 2019
(r349179)
+++ stable/12/usr.sbin/jail/command.c   Tue Jun 18 23:49:13 2019
(r349180)
@@ -475,6 +475,7 @@ run_command(struct cfjail *j)
if (down) {
argv[4] = NULL;
argv[3] = argv[1];
+   argv[1] = "-ft";
argv[0] = "/sbin/umount";
} else {
if (argc == 4) {
@@ -488,9 +489,9 @@ run_command(struct cfjail *j)
argv[4] = argv[1];
argv[3] = argv[0];
}
+   argv[1] = "-t";
argv[0] = _PATH_MOUNT;
}
-   argv[1] = "-t";
break;
 
case IP_MOUNT_DEVFS:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r341084 - in head: sys/kern sys/sys usr.sbin/jail

2018-11-27 Thread Jamie Gritton 
Author: jamie
Date: Tue Nov 27 17:51:50 2018
New Revision: 341084
URL: https://svnweb.freebsd.org/changeset/base/341084

Log:
  In hardened systems, where the security.bsd.unprivileged_proc_debug sysctl
  node is set, allow setting security.bsd.unprivileged_proc_debug per-jail.
  In part, this is needed to create jails in which the Address Sanitizer
  (ASAN) fully works as ASAN utilizes libkvm to inspect the virtual address
  space. Instead of having to allow unprivileged process debugging for the
  entire system, allow setting it on a per-jail basis.
  
  The sysctl node is still security.bsd.unprivileged_proc_debug and the
  jail(8) param is allow.unprivileged_proc_debug. The sysctl code is now a
  sysctl proc rather than a sysctl int. This allows us to determine setting
  the flag for the corresponding jail (or prison0).
  
  As part of the change, the dynamic allow.* API needed to be modified to
  take into account pr_allow flags which may now be disabled in prison0.
  This prevents conflicts with new pr_allow flags (like that of vmm(4)) that
  are added (and removed) dynamically.
  
  Also teach the jail creation KPI to allow differences for certain pr_allow
  flags between the parent and child jail. This can happen when unprivileged
  process debugging is disabled in the parent prison, but enabled in the
  child.
  
  Submitted by: Shawn Webb 
  Obtained from:HardenedBSD (45b3625edba0f73b3e3890b1ec3d0d1e95fd47e1, 
deba0b5078cef0faae43cbdafed3035b16587afc, 
ab21eeb3b4c72f2500987c96ff603ccf3b6e7de8)
  Relnotes: yes
  Sponsored by: HardenedBSD and G2, Inc
  Differential Revision:https://reviews.freebsd.org/D18319

Modified:
  head/sys/kern/kern_jail.c
  head/sys/kern/kern_priv.c
  head/sys/kern/kern_prot.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Nov 27 17:10:00 2018(r341083)
+++ head/sys/kern/kern_jail.c   Tue Nov 27 17:51:50 2018(r341084)
@@ -194,10 +194,14 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = 
{"allow.reserved_ports", "allow.noreserved_ports",
 PR_ALLOW_RESERVED_PORTS},
{"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF},
+   {"allow.unprivileged_proc_debug", "allow.nounprivileged_proc_debug",
+PR_ALLOW_UNPRIV_DEBUG},
 };
 const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
 
-#defineJAIL_DEFAULT_ALLOW  (PR_ALLOW_SET_HOSTNAME | 
PR_ALLOW_RESERVED_PORTS)
+#defineJAIL_DEFAULT_ALLOW  (PR_ALLOW_SET_HOSTNAME | \
+PR_ALLOW_RESERVED_PORTS | \
+PR_ALLOW_UNPRIV_DEBUG)
 #defineJAIL_DEFAULT_ENFORCE_STATFS 2
 #defineJAIL_DEFAULT_DEVFS_RSNUM0
 static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW;
@@ -498,6 +502,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
int ip6s, redo_ip6;
 #endif
uint64_t pr_allow, ch_allow, pr_flags, ch_flags;
+   uint64_t pr_allow_diff;
unsigned tallow;
char numbuf[12];
 
@@ -1530,7 +1535,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
}
}
}
-   if (pr_allow & ~ppr->pr_allow) {
+   pr_allow_diff = pr_allow & ~ppr->pr_allow;
+   if (pr_allow_diff & ~PR_ALLOW_DIFFERENCES) {
error = EPERM;
goto done_deref_locked;
}
@@ -3783,6 +3789,8 @@ SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT 
 "B", "Jail may bind sockets to reserved ports");
 SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW,
 "B", "Jail may read the kernel message buffer");
+SYSCTL_JAIL_PARAM(_allow, unprivileged_proc_debug, CTLTYPE_INT | CTLFLAG_RW,
+"B", "Unprivileged processes may use process debugging facilities");
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,
@@ -3834,10 +3842,16 @@ prison_add_allow(const char *prefix, const char *name,
 * Find a free bit in prison0's pr_allow, failing if there are none
 * (which shouldn't happen as long as we keep track of how many
 * potential dynamic flags exist).
+*
+* Due to per-jail unprivileged process debugging support
+* using pr_allow, also verify against PR_ALLOW_ALL_STATIC.
+* prison0 may have unprivileged process debugging unset.
 */
for (allow_flag = 1;; allow_flag <<= 1) {
if (allow_flag == 0)
goto no_add;
+   if (allow_flag & PR_ALLOW_ALL_STATIC)
+   continue;
if ((prison0.pr_allow & allow_flag) == 0)
break;
}

Modified: head/sys/kern/kern_priv.c

svn commit: r339446 - in stable/11: sys/kern sys/sys usr.sbin/jail

2018-10-20 Thread Jamie Gritton 
Author: jamie
Date: Sat Oct 20 16:20:36 2018
New Revision: 339446
URL: https://svnweb.freebsd.org/changeset/base/339446

Log:
  MFC r339409, r339420:
  
Add a new jail permission, allow.read_msgbuf.  When true, jailed processes
can see the dmesg buffer (this is the current behavior).  When false (the
new default), dmesg will be unavailable to jailed users, whether root or
not.
  
The security.bsd.unprivileged_read_msgbuf sysctl still works as before,
controlling system-wide whether non-root users can see the buffer.
  
  PR:   211580
  Submitted by: bz

Modified:
  stable/11/sys/kern/kern_jail.c
  stable/11/sys/kern/kern_priv.c
  stable/11/sys/kern/subr_prf.c
  stable/11/sys/sys/jail.h
  stable/11/usr.sbin/jail/jail.8
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/kern/kern_jail.c
==
--- stable/11/sys/kern/kern_jail.c  Fri Oct 19 10:05:02 2018
(r339445)
+++ stable/11/sys/kern/kern_jail.c  Sat Oct 20 16:20:36 2018
(r339446)
@@ -200,6 +200,7 @@ static char *pr_allow_names[] = {
"allow.mount.fdescfs",
"allow.mount.linprocfs",
"allow.mount.linsysfs",
+   "allow.read_msgbuf",
 };
 const size_t pr_allow_names_size = sizeof(pr_allow_names);
 
@@ -219,6 +220,7 @@ static char *pr_allow_nonames[] = {
"allow.mount.nofdescfs",
"allow.mount.nolinprocfs",
"allow.mount.nolinsysfs",
+   "allow.noread_msgbuf",
 };
 const size_t pr_allow_nonames_size = sizeof(pr_allow_nonames);
 
@@ -3348,6 +3350,15 @@ prison_priv_check(struct ucred *cred, int priv)
case PRIV_PROC_SETLOGINCLASS:
return (0);
 
+   /*
+* Do not allow a process inside a jail to read the kernel
+* message buffer unless explicitly permitted.
+*/
+   case PRIV_MSGBUF:
+   if (cred->cr_prison->pr_allow & PR_ALLOW_READ_MSGBUF)
+   return (0);
+   return (EPERM);
+
default:
/*
 * In all remaining cases, deny the privilege request.  This
@@ -3796,6 +3807,8 @@ SYSCTL_JAIL_PARAM(_allow, quotas, CTLTYPE_INT | CTLFLA
 "B", "Jail may set file quotas");
 SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW,
 "B", "Jail may create sockets other than just UNIX/IPv4/IPv6/route");
+SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW,
+"B", "Jail may read the kernel message buffer");
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,

Modified: stable/11/sys/kern/kern_priv.c
==
--- stable/11/sys/kern/kern_priv.c  Fri Oct 19 10:05:02 2018
(r339445)
+++ stable/11/sys/kern/kern_priv.c  Sat Oct 20 16:20:36 2018
(r339446)
@@ -60,6 +60,11 @@ static int   unprivileged_mlock = 1;
 SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN,
 _mlock, 0, "Allow non-root users to call mlock(2)");
 
+static int unprivileged_read_msgbuf = 1;
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf,
+CTLFLAG_RW, _read_msgbuf, 0,
+"Unprivileged processes may read the kernel message buffer");
+
 SDT_PROVIDER_DEFINE(priv);
 SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__ok, "int");
 SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__err, "int");
@@ -102,6 +107,17 @@ priv_check_cred(struct ucred *cred, int priv, int flag
switch (priv) {
case PRIV_VM_MLOCK:
case PRIV_VM_MUNLOCK:
+   error = 0;
+   goto out;
+   }
+   }
+
+   if (unprivileged_read_msgbuf) {
+   /*
+* Allow an unprivileged user to read the kernel message
+* buffer.
+*/
+   if (priv == PRIV_MSGBUF) {
error = 0;
goto out;
}

Modified: stable/11/sys/kern/subr_prf.c
==
--- stable/11/sys/kern/subr_prf.c   Fri Oct 19 10:05:02 2018
(r339445)
+++ stable/11/sys/kern/subr_prf.c   Sat Oct 20 16:20:36 2018
(r339446)
@@ -1042,11 +1042,6 @@ msgbufinit(void *ptr, int size)
oldp = msgbufp;
 }
 
-static int unprivileged_read_msgbuf = 1;
-SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf,
-CTLFLAG_RW, _read_msgbuf, 0,
-"Unprivileged processes may read the kernel message buffer");
-
 /* Sysctls for accessing/clearing the msgbuf */
 static int
 sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS)
@@ -1055,11 +1050,9 @@ sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS)
u_int seq;
int error, len;
 
-   if (!unprivileged_read_msgbuf) {
-

svn commit: r339420 - in head: sys/kern usr.sbin/jail

2018-10-18 Thread Jamie Gritton 
Author: jamie
Date: Thu Oct 18 15:02:57 2018
New Revision: 339420
URL: https://svnweb.freebsd.org/changeset/base/339420

Log:
  Fix typos from r339409.
  
  Reported by:  maxim
  Approved by:  re (gjb)

Modified:
  head/sys/kern/kern_jail.c
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Oct 18 14:20:15 2018(r339419)
+++ head/sys/kern/kern_jail.c   Thu Oct 18 15:02:57 2018(r339420)
@@ -3352,7 +3352,7 @@ prison_priv_check(struct ucred *cred, int priv)
return (0);
 
/*
-* Do not allow a process inside a jail read the kernel
+* Do not allow a process inside a jail to read the kernel
 * message buffer unless explicitly permitted.
 */
case PRIV_MSGBUF:

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Thu Oct 18 14:20:15 2018(r339419)
+++ head/usr.sbin/jail/jail.8   Thu Oct 18 15:02:57 2018(r339420)
@@ -553,7 +553,7 @@ with non-jailed parts of the system.
 Jailed users may read the kernel message buffer.
 If the
 .Va security.bsd.unprivileged_read_msgbuf
-MIB entry is zero, this will be restricted to to root user.
+MIB entry is zero, this will be restricted to the root user.
 .It Va allow.socket_af
 Sockets within a jail are normally restricted to IPv4, IPv6, local
 (UNIX), and route.  This allows access to other protocol stacks that
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r339411 - stable/11/sys/kern

2018-10-17 Thread Jamie Gritton 
Author: jamie
Date: Wed Oct 17 16:17:57 2018
New Revision: 339411
URL: https://svnweb.freebsd.org/changeset/base/339411

Log:
  MFC r339211:
  
Fix the test prohibiting jails from sharing IP addresses.
  
It's not supposed to be legal for two jails to contain the same IP address,
unless both jails contain only that one address.  This is the behavior
documented in jail(8), and is there to prevent confusion when multiple
jails are listening on IADDR_ANY.
  
VIMAGE jails (now the default for GENERIC kernels) test this correctly,
but non-VIMAGE jails have been performing an incomplete test when nested
jails are used.

Modified:
  stable/11/sys/kern/kern_jail.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/kern/kern_jail.c
==
--- stable/11/sys/kern/kern_jail.c  Wed Oct 17 16:17:56 2018
(r339410)
+++ stable/11/sys/kern/kern_jail.c  Wed Oct 17 16:17:57 2018
(r339411)
@@ -1411,11 +1411,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
 * there is a duplicate on a jail with more than one
 * IP stop checking and return error.
 */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
@@ -1478,11 +1479,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
}
}
/* Check for conflicting IP addresses. */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r339410 - stable/10/sys/kern

2018-10-17 Thread Jamie Gritton 
Author: jamie
Date: Wed Oct 17 16:17:56 2018
New Revision: 339410
URL: https://svnweb.freebsd.org/changeset/base/339410

Log:
  MFC r339211:
  
Fix the test prohibiting jails from sharing IP addresses.
  
It's not supposed to be legal for two jails to contain the same IP address,
unless both jails contain only that one address.  This is the behavior
documented in jail(8), and is there to prevent confusion when multiple
jails are listening on IADDR_ANY.
  
VIMAGE jails (now the default for GENERIC kernels) test this correctly,
but non-VIMAGE jails have been performing an incomplete test when nested
jails are used.

Modified:
  stable/10/sys/kern/kern_jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Wed Oct 17 16:11:43 2018
(r339409)
+++ stable/10/sys/kern/kern_jail.c  Wed Oct 17 16:17:56 2018
(r339410)
@@ -1478,11 +1478,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
 * there is a duplicate on a jail with more than one
 * IP stop checking and return error.
 */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
@@ -1544,11 +1545,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
}
}
/* Check for conflicting IP addresses. */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r339409 - in head: sys/kern sys/sys usr.sbin/jail

2018-10-17 Thread Jamie Gritton 
Author: jamie
Date: Wed Oct 17 16:11:43 2018
New Revision: 339409
URL: https://svnweb.freebsd.org/changeset/base/339409

Log:
  Add a new jail permission, allow.read_msgbuf.  When true, jailed processes
  can see the dmesg buffer (this is the current behavior).  When false (the
  new default), dmesg will be unavailable to jailed users, whether root or
  not.
  
  The security.bsd.unprivileged_read_msgbuf sysctl still works as before,
  controlling system-wide whether non-root users can see the buffer.
  
  PR:   211580
  Submitted by: bz
  Approved by:  re@ (kib@)
  MFC after:3 days

Modified:
  head/sys/kern/kern_jail.c
  head/sys/kern/kern_priv.c
  head/sys/kern/subr_prf.c
  head/sys/sys/jail.h
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Oct 17 14:51:43 2018(r339408)
+++ head/sys/kern/kern_jail.c   Wed Oct 17 16:11:43 2018(r339409)
@@ -193,6 +193,7 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = 
{"allow.mlock", "allow.nomlock", PR_ALLOW_MLOCK},
{"allow.reserved_ports", "allow.noreserved_ports",
 PR_ALLOW_RESERVED_PORTS},
+   {"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF},
 };
 const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
 
@@ -3350,6 +3351,15 @@ prison_priv_check(struct ucred *cred, int priv)
case PRIV_PROC_SETLOGINCLASS:
return (0);
 
+   /*
+* Do not allow a process inside a jail read the kernel
+* message buffer unless explicitly permitted.
+*/
+   case PRIV_MSGBUF:
+   if (cred->cr_prison->pr_allow & PR_ALLOW_READ_MSGBUF)
+   return (0);
+   return (EPERM);
+
default:
/*
 * In all remaining cases, deny the privilege request.  This
@@ -3770,6 +3780,8 @@ SYSCTL_JAIL_PARAM(_allow, mlock, CTLTYPE_INT | CTLFLAG
 "B", "Jail may lock (unlock) physical pages in memory");
 SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT | CTLFLAG_RW,
 "B", "Jail may bind sockets to reserved ports");
+SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW,
+"B", "Jail may read the kernel message buffer");
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,

Modified: head/sys/kern/kern_priv.c
==
--- head/sys/kern/kern_priv.c   Wed Oct 17 14:51:43 2018(r339408)
+++ head/sys/kern/kern_priv.c   Wed Oct 17 16:11:43 2018(r339409)
@@ -62,6 +62,11 @@ static int   unprivileged_mlock = 1;
 SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN,
 _mlock, 0, "Allow non-root users to call mlock(2)");
 
+static int unprivileged_read_msgbuf = 1;
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf,
+CTLFLAG_RW, _read_msgbuf, 0,
+"Unprivileged processes may read the kernel message buffer");
+
 SDT_PROVIDER_DEFINE(priv);
 SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__ok, "int");
 SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__err, "int");
@@ -104,6 +109,17 @@ priv_check_cred(struct ucred *cred, int priv, int flag
switch (priv) {
case PRIV_VM_MLOCK:
case PRIV_VM_MUNLOCK:
+   error = 0;
+   goto out;
+   }
+   }
+
+   if (unprivileged_read_msgbuf) {
+   /*
+* Allow an unprivileged user to read the kernel message
+* buffer.
+*/
+   if (priv == PRIV_MSGBUF) {
error = 0;
goto out;
}

Modified: head/sys/kern/subr_prf.c
==
--- head/sys/kern/subr_prf.cWed Oct 17 14:51:43 2018(r339408)
+++ head/sys/kern/subr_prf.cWed Oct 17 16:11:43 2018(r339409)
@@ -1053,11 +1053,6 @@ msgbufinit(void *ptr, int size)
oldp = msgbufp;
 }
 
-static int unprivileged_read_msgbuf = 1;
-SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf,
-CTLFLAG_RW, _read_msgbuf, 0,
-"Unprivileged processes may read the kernel message buffer");
-
 /* Sysctls for accessing/clearing the msgbuf */
 static int
 sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS)
@@ -1066,11 +1061,9 @@ sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS)
u_int seq;
int error, len;
 
-   if (!unprivileged_read_msgbuf) {
-   error = priv_check(req->td, PRIV_MSGBUF);
-   if (error)
-   return (error);
-   }
+   error = priv_check(req->td, PRIV_MSGBUF);
+   if (error)
+   return (error);
 
/* Read the whole buffer, one chunk at a

svn commit: r339211 - head/sys/kern

2018-10-05 Thread Jamie Gritton 
Author: jamie
Date: Sat Oct  6 02:10:32 2018
New Revision: 339211
URL: https://svnweb.freebsd.org/changeset/base/339211

Log:
  Fix the test prohibiting jails from sharing IP addresses.
  
  It's not supposed to be legal for two jails to contain the same IP address,
  unless both jails contain only that one address.  This is the behavior
  documented in jail(8), and is there to prevent confusion when multiple
  jails are listening on IADDR_ANY.
  
  VIMAGE jails (now the default for GENERIC kernels) test this correctly,
  but non-VIMAGE jails have been performing an incomplete test when nested
  jails are used.
  
  Approved by:  re@ (kib@)
  MFC after:5 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Fri Oct  5 21:10:03 2018(r339210)
+++ head/sys/kern/kern_jail.c   Sat Oct  6 02:10:32 2018(r339211)
@@ -1393,11 +1393,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
 * there is a duplicate on a jail with more than one
 * IP stop checking and return error.
 */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
@@ -1460,11 +1461,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
}
}
/* Check for conflicting IP addresses. */
-   tppr = ppr;
 #ifdef VIMAGE
-   for (; tppr !=  tppr = tppr->pr_parent)
+   for (tppr = ppr; tppr !=  tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
+#else
+   tppr = 
 #endif
FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) {
if (tpr == pr ||
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r338091 - stable/10/usr.sbin/jail

2018-08-19 Thread Jamie Gritton 
Author: jamie
Date: Mon Aug 20 05:32:42 2018
New Revision: 338091
URL: https://svnweb.freebsd.org/changeset/base/338091

Log:
  MFC r337867:
  
Don't let clobber jailparam values when checking for modification of
init-only parameters.
  
  PR:   230487
  Submitted by: Jason Mader

Modified:
  stable/10/usr.sbin/jail/jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/jail/jail.c
==
--- stable/10/usr.sbin/jail/jail.c  Mon Aug 20 05:32:40 2018
(r338090)
+++ stable/10/usr.sbin/jail/jail.c  Mon Aug 20 05:32:42 2018
(r338091)
@@ -800,8 +800,10 @@ rdtun_params(struct cfjail *j, int dofail)
exit(1);
}
for (jp = j->jp; jp < j->jp + j->njp; jp++)
-   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid"))
+   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) {
*++rtjp = *jp;
+   rtjp->jp_value = NULL;
+   }
rval = 0;
if (jailparam_get(rtparams, nrt,
bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) {
@@ -812,8 +814,11 @@ rdtun_params(struct cfjail *j, int dofail)
jp->jp_valuelen == 0 &&
*(int *)jp->jp_value) &&
!(rtjp->jp_valuelen == jp->jp_valuelen &&
-   !memcmp(rtjp->jp_value, jp->jp_value,
-   jp->jp_valuelen))) {
+   !((jp->jp_ctltype & CTLTYPE) ==
+   CTLTYPE_STRING ? strncmp(rtjp->jp_value,
+   jp->jp_value, jp->jp_valuelen) :
+   memcmp(rtjp->jp_value, jp->jp_value,
+   jp->jp_valuelen {
if (dofail) {
jail_warnx(j, "%s cannot be "
"changed after creation",
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r338090 - stable/11/usr.sbin/jail

2018-08-19 Thread Jamie Gritton 
Author: jamie
Date: Mon Aug 20 05:32:40 2018
New Revision: 338090
URL: https://svnweb.freebsd.org/changeset/base/338090

Log:
  MFC r337867:
  
Don't let clobber jailparam values when checking for modification of
init-only parameters.
  
  PR:   230487
  Submitted by: Jason Mader

Modified:
  stable/11/usr.sbin/jail/jail.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/usr.sbin/jail/jail.c
==
--- stable/11/usr.sbin/jail/jail.c  Mon Aug 20 04:56:37 2018
(r338089)
+++ stable/11/usr.sbin/jail/jail.c  Mon Aug 20 05:32:40 2018
(r338090)
@@ -802,8 +802,10 @@ rdtun_params(struct cfjail *j, int dofail)
exit(1);
}
for (jp = j->jp; jp < j->jp + j->njp; jp++)
-   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid"))
+   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) {
*++rtjp = *jp;
+   rtjp->jp_value = NULL;
+   }
rval = 0;
if (jailparam_get(rtparams, nrt,
bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) {
@@ -814,8 +816,11 @@ rdtun_params(struct cfjail *j, int dofail)
jp->jp_valuelen == 0 &&
*(int *)jp->jp_value) &&
!(rtjp->jp_valuelen == jp->jp_valuelen &&
-   !memcmp(rtjp->jp_value, jp->jp_value,
-   jp->jp_valuelen))) {
+   !((jp->jp_ctltype & CTLTYPE) ==
+   CTLTYPE_STRING ? strncmp(rtjp->jp_value,
+   jp->jp_value, jp->jp_valuelen) :
+   memcmp(rtjp->jp_value, jp->jp_value,
+   jp->jp_valuelen {
if (dofail) {
jail_warnx(j, "%s cannot be "
"changed after creation",
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r337925 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys

2018-08-16 Thread Jamie Gritton 
Author: jamie
Date: Thu Aug 16 19:09:43 2018
New Revision: 337925
URL: https://svnweb.freebsd.org/changeset/base/337925

Log:
  Revert r337922, except for some documention-only bits.  This needs to wait
  until user is changed to stop using jail(2).
  
  Differential Revision:D14791

Modified:
  head/lib/libc/sys/jail.2
  head/sys/compat/freebsd32/freebsd32_misc.c
  head/sys/compat/freebsd32/freebsd32_proto.h
  head/sys/compat/freebsd32/freebsd32_syscall.h
  head/sys/compat/freebsd32/freebsd32_syscalls.c
  head/sys/compat/freebsd32/freebsd32_sysent.c
  head/sys/compat/freebsd32/freebsd32_systrace_args.c
  head/sys/compat/freebsd32/syscalls.master
  head/sys/kern/init_sysent.c
  head/sys/kern/kern_jail.c
  head/sys/kern/syscalls.c
  head/sys/kern/syscalls.master
  head/sys/kern/systrace_args.c
  head/sys/sys/jail.h
  head/sys/sys/syscall.h
  head/sys/sys/syscall.mk
  head/sys/sys/syscallsubr.h
  head/sys/sys/sysproto.h

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Thu Aug 16 18:58:34 2018(r337924)
+++ head/lib/libc/sys/jail.2Thu Aug 16 19:09:43 2018(r337925)
@@ -25,10 +25,11 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd August 16, 2018
+.Dd February 8, 2012
 .Dt JAIL 2
 .Os
 .Sh NAME
+.Nm jail ,
 .Nm jail_get ,
 .Nm jail_set ,
 .Nm jail_remove ,
@@ -40,6 +41,8 @@
 .In sys/param.h
 .In sys/jail.h
 .Ft int
+.Fn jail "struct jail *jail"
+.Ft int
 .Fn jail_attach "int jid"
 .Ft int
 .Fn jail_remove "int jid"
@@ -50,7 +53,74 @@
 .Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
 .Sh DESCRIPTION
 The
+.Fn jail
+system call sets up a jail and locks the current process in it.
+.Pp
+The argument is a pointer to a structure describing the prison:
+.Bd -literal -offset indent
+struct jail {
+   uint32_tversion;
+   char*path;
+   char*hostname;
+   char*jailname;
+   unsigned intip4s;
+   unsigned intip6s;
+   struct in_addr  *ip4;
+   struct in6_addr *ip6;
+};
+.Ed
+.Pp
+.Dq Li version
+defines the version of the API in use.
+.Dv JAIL_API_VERSION
+is defined for the current version.
+.Pp
+The
+.Dq Li path
+pointer should be set to the directory which is to be the root of the
+prison.
+.Pp
+The
+.Dq Li hostname
+pointer can be set to the hostname of the prison.
+This can be changed
+from the inside of the prison.
+.Pp
+The
+.Dq Li jailname
+pointer is an optional name that can be assigned to the jail
+for example for management purposes.
+.Pp
+The
+.Dq Li ip4s
+and
+.Dq Li ip6s
+give the numbers of IPv4 and IPv6 addresses that will be passed
+via their respective pointers.
+.Pp
+The
+.Dq Li ip4
+and
+.Dq Li ip6
+pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to
+the prison, or NULL if none.
+IPv4 addresses must be in network byte order.
+.Pp
+This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
+system call (see below), with the parameters
+.Va path ,
+.Va host.hostname ,
+.Va name ,
+.Va ip4.addr ,
+and
+.Va ip6.addr ,
+and with the
+.Dv JAIL_ATTACH
+flag.
+.Pp
+The
+.Fn jail_set
 system call creates a new jail, or modifies an existing one, and optionally
 locks the current process in it.
 Jail parameters are passed as an array of name-value pairs in the array
@@ -76,19 +146,13 @@ The current set of available parameters, and their for
 retrieved via the
 .Va security.jail.param
 sysctl MIB entry.
-Notable parameters include
+Notable parameters include those mentioned in the
+.Fn jail
+description above, as well as
 .Va jid
 and
-.Va name
-which identify the jail being created or modified,
-.Va path
-(the root directory of the jail),
-.Va host.hostname
-(the hostname of the jail), and
-.Va ip4.addr
-and
-.Va ip6.addr
-(IP addresses to assign to the jail).
+.Va name ,
+which identify the jail being created or modified.
 See
 .Xr jail 8
 for more information on the core jail parameters.
@@ -173,7 +237,8 @@ It will kill all processes belonging to the jail, and 
 of that jail.
 .Sh RETURN VALUES
 If successful,
-.Fn jail_set
+.Fn jail ,
+.Fn jail_set ,
 and
 .Fn jail_get
 return a non-negative integer, termed the jail identifier (JID).
@@ -184,6 +249,25 @@ to indicate the error.
 .Rv -std jail_attach jail_remove
 .Sh ERRORS
 The
+.Fn jail
+system call
+will fail if:
+.Bl -tag -width Er
+.It Bq Er EPERM
+This process is not allowed to create a jail, either because it is not
+the super-user, or because it would exceed the jail's
+.Va children.max
+limit.
+.It Bq Er EFAULT
+.Fa jail
+points to an address outside the allocated address space of the process.
+.It Bq Er EINVAL
+The version number of the argument is not correct.
+.It Bq Er EAGAIN
+No free JID could be found.
+.El
+.Pp
+The
 .Fn jail_set
 system call
 will fail if:
@@ -287,7 +371,8 @@ does not exist.
 .El
 .Pp
 Further
-.Fn jail_set
+.Fn jail ,
+.Fn jail_set ,
 and
 .Fn jail_attach
 call
@@ -301,7 +386,7 @@ manual

svn commit: r337922 - in head: lib/libc/gen lib/libc/sys share/man/man9 sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/freebsd32 sys/fs/nandfs sys/kern sys/sys sys/ufs/ufs

2018-08-16 Thread Jamie Gritton 
Author: jamie
Date: Thu Aug 16 18:40:16 2018
New Revision: 337922
URL: https://svnweb.freebsd.org/changeset/base/337922

Log:
  Put jail(2) under COMPAT_FREEBSD11.  It has been the "old" way of creating
  jails since FreeBSD 7.
  
  Along with the system call, put the various security.jail.allow_foo and
  security.jail.foo_allowed sysctls partly under COMPAT_FREEBSD11 (or
  BURN_BRIDGES).  These sysctls had two disparate uses: on the system side,
  they were global permissions for jails created via jail(2) which lacked
  fine-grained permission controls; inside a jail, they're read-only
  descriptions of what the current jail is allowed to do.  The first use
  is obsolete along with jail(2), but keep them for the second-read-only use.
  
  Differential Revision:D14791

Modified:
  head/lib/libc/gen/getvfsbyname.3
  head/lib/libc/sys/jail.2
  head/share/man/man9/VFS_SET.9
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
  head/sys/compat/freebsd32/freebsd32_misc.c
  head/sys/compat/freebsd32/freebsd32_proto.h
  head/sys/compat/freebsd32/freebsd32_syscall.h
  head/sys/compat/freebsd32/freebsd32_syscalls.c
  head/sys/compat/freebsd32/freebsd32_sysent.c
  head/sys/compat/freebsd32/freebsd32_systrace_args.c
  head/sys/compat/freebsd32/syscalls.master
  head/sys/fs/nandfs/nandfs_vnops.c
  head/sys/kern/init_sysent.c
  head/sys/kern/kern_jail.c
  head/sys/kern/syscalls.c
  head/sys/kern/syscalls.master
  head/sys/kern/systrace_args.c
  head/sys/sys/jail.h
  head/sys/sys/syscall.h
  head/sys/sys/syscall.mk
  head/sys/sys/syscallsubr.h
  head/sys/sys/sysproto.h
  head/sys/ufs/ufs/ufs_vnops.c

Modified: head/lib/libc/gen/getvfsbyname.3
==
--- head/lib/libc/gen/getvfsbyname.3Thu Aug 16 18:37:47 2018
(r337921)
+++ head/lib/libc/gen/getvfsbyname.3Thu Aug 16 18:40:16 2018
(r337922)
@@ -28,7 +28,7 @@
 .\" @(#)kvm_getvfsbyname.3 8.3 (Berkeley) 5/4/95
 .\" $FreeBSD$
 .\"
-.Dd August 30, 2016
+.Dd August 16, 2018
 .Dt GETVFSBYNAME 3
 .Os
 .Sh NAME
@@ -83,9 +83,10 @@ aliases some other mounted FS
 stores file names as Unicode
 .It Dv VFCF_JAIL
 can be mounted from within a jail if
-.Va security.jail.mount_allowed
-sysctl is set to
-.Dv 1
+.Va allow.mount
+and
+.Va allow.mount.
+jail parameters are set
 .It Dv VFCF_DELEGADMIN
 supports delegated administration if
 .Va vfs.usermount

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Thu Aug 16 18:37:47 2018(r337921)
+++ head/lib/libc/sys/jail.2Thu Aug 16 18:40:16 2018(r337922)
@@ -25,11 +25,10 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 8, 2012
+.Dd August 16, 2018
 .Dt JAIL 2
 .Os
 .Sh NAME
-.Nm jail ,
 .Nm jail_get ,
 .Nm jail_set ,
 .Nm jail_remove ,
@@ -41,8 +40,6 @@
 .In sys/param.h
 .In sys/jail.h
 .Ft int
-.Fn jail "struct jail *jail"
-.Ft int
 .Fn jail_attach "int jid"
 .Ft int
 .Fn jail_remove "int jid"
@@ -53,74 +50,7 @@
 .Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
 .Sh DESCRIPTION
 The
-.Fn jail
-system call sets up a jail and locks the current process in it.
-.Pp
-The argument is a pointer to a structure describing the prison:
-.Bd -literal -offset indent
-struct jail {
-   uint32_tversion;
-   char*path;
-   char*hostname;
-   char*jailname;
-   unsigned intip4s;
-   unsigned intip6s;
-   struct in_addr  *ip4;
-   struct in6_addr *ip6;
-};
-.Ed
-.Pp
-.Dq Li version
-defines the version of the API in use.
-.Dv JAIL_API_VERSION
-is defined for the current version.
-.Pp
-The
-.Dq Li path
-pointer should be set to the directory which is to be the root of the
-prison.
-.Pp
-The
-.Dq Li hostname
-pointer can be set to the hostname of the prison.
-This can be changed
-from the inside of the prison.
-.Pp
-The
-.Dq Li jailname
-pointer is an optional name that can be assigned to the jail
-for example for management purposes.
-.Pp
-The
-.Dq Li ip4s
-and
-.Dq Li ip6s
-give the numbers of IPv4 and IPv6 addresses that will be passed
-via their respective pointers.
-.Pp
-The
-.Dq Li ip4
-and
-.Dq Li ip6
-pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to
-the prison, or NULL if none.
-IPv4 addresses must be in network byte order.
-.Pp
-This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
-system call (see below), with the parameters
-.Va path ,
-.Va host.hostname ,
-.Va name ,
-.Va ip4.addr ,
-and
-.Va ip6.addr ,
-and with the
-.Dv JAIL_ATTACH
-flag.
-.Pp
-The
-.Fn jail_set
 system call creates a new jail, or modifies an existing one, and optionally
 locks the current process in it.
 Jail parameters are passed as an array of name-value pairs in the array
@@ -146,13 +76,19 @@ The current set of available parameters, and their for
 retrieved via the
 .Va security.jail.param
 sysctl MIB entry.
-Notable

svn commit: r337919 - head/usr.sbin/jail

2018-08-16 Thread Jamie Gritton 
Author: jamie
Date: Thu Aug 16 18:30:49 2018
New Revision: 337919
URL: https://svnweb.freebsd.org/changeset/base/337919

Log:
  security.jail.enforce_statfs is handled by jail_set(2), so handling it in
  userspace jail(8) is redundant.
  
  Differential Revision:D14791

Modified:
  head/usr.sbin/jail/config.c
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/jailp.h

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Thu Aug 16 18:27:43 2018(r337918)
+++ head/usr.sbin/jail/config.c Thu Aug 16 18:30:49 2018(r337919)
@@ -106,7 +106,6 @@ static const struct ipspec intparams[] = {
 [KP_ALLOW_SOCKET_AF] = {"allow.socket_af", 0},
 [KP_ALLOW_SYSVIPC] =   {"allow.sysvipc",   0},
 [KP_DEVFS_RULESET] =   {"devfs_ruleset",   0},
-[KP_ENFORCE_STATFS] =  {"enforce_statfs",  0},
 [KP_HOST_HOSTNAME] =   {"host.hostname",   0},
 #ifdef INET
 [KP_IP4_ADDR] ={"ip4.addr",0},

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Thu Aug 16 18:27:43 2018(r337918)
+++ head/usr.sbin/jail/jail.c   Thu Aug 16 18:30:49 2018(r337919)
@@ -138,7 +138,6 @@ main(int argc, char **argv)
unsigned op, pi;
int ch, docf, error, i, oldcl, sysval;
int dflag, Rflag;
-   char enforce_statfs[4];
 #if defined(INET) || defined(INET6)
char *cs, *ncs;
 #endif
@@ -275,14 +274,6 @@ main(int argc, char **argv)
(sysval ? 1 : 0) ^
perm_sysctl[pi].rev
? NULL : "false");
-   }
-   sysvallen = sizeof(sysval);
-   if (sysctlbyname("security.jail.enforce_statfs",
-   , , NULL, 0) == 0) {
-   snprintf(enforce_statfs,
-   sizeof(enforce_statfs), "%d", sysval);
-   add_param(NULL, NULL, KP_ENFORCE_STATFS,
-   enforce_statfs);
}
}
} else if (op == JF_STOP) {

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Thu Aug 16 18:27:43 2018(r337918)
+++ head/usr.sbin/jail/jailp.h  Thu Aug 16 18:30:49 2018(r337919)
@@ -120,7 +120,6 @@ enum intparam {
KP_ALLOW_SOCKET_AF,
KP_ALLOW_SYSVIPC,
KP_DEVFS_RULESET,
-   KP_ENFORCE_STATFS,
KP_HOST_HOSTNAME,
 #ifdef INET
KP_IP4_ADDR,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r337879 - stable/11/lib/libjail

2018-08-15 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 15 22:32:43 2018
New Revision: 337879
URL: https://svnweb.freebsd.org/changeset/base/337879

Log:
  Load filesystem modules associated with allow.mount permissions.
  
  PR:   192092

Modified:
  stable/11/lib/libjail/jail.c

Modified: stable/11/lib/libjail/jail.c
==
--- stable/11/lib/libjail/jail.cWed Aug 15 22:25:05 2018
(r337878)
+++ stable/11/lib/libjail/jail.cWed Aug 15 22:32:43 2018
(r337879)
@@ -513,7 +513,18 @@ jailparam_set(struct jailparam *jp, unsigned njp, int 
}
jiov[i - 1].iov_base = nname;
jiov[i - 1].iov_len = strlen(nname) + 1;
-   
+   }
+   /*
+* Load filesystem modules associated with allow.mount
+* permissions.  Ignore failure, since the module may
+* be static, and even a failure to load is not a jail
+* error.
+*/
+   if (strncmp(jp[j].jp_name, "allow.mount.", 12) == 0) {
+   if (kldload(jp[j].jp_name + 12) < 0 &&
+   errno == ENOENT &&
+   strncmp(jp[j].jp_name + 12, "no", 2) == 0)
+   (void)kldload(jp[j].jp_name + 14);
}
} else {
/*
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r337880 - stable/10/lib/libjail

2018-08-15 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 15 22:32:55 2018
New Revision: 337880
URL: https://svnweb.freebsd.org/changeset/base/337880

Log:
  Load filesystem modules associated with allow.mount permissions.
  
  PR:   192092

Modified:
  stable/10/lib/libjail/jail.c

Modified: stable/10/lib/libjail/jail.c
==
--- stable/10/lib/libjail/jail.cWed Aug 15 22:32:43 2018
(r337879)
+++ stable/10/lib/libjail/jail.cWed Aug 15 22:32:55 2018
(r337880)
@@ -513,7 +513,18 @@ jailparam_set(struct jailparam *jp, unsigned njp, int 
}
jiov[i - 1].iov_base = nname;
jiov[i - 1].iov_len = strlen(nname) + 1;
-   
+   }
+   /*
+* Load filesystem modules associated with allow.mount
+* permissions.  Ignore failure, since the module may
+* be static, and even a failure to load is not a jail
+* error.
+*/
+   if (strncmp(jp[j].jp_name, "allow.mount.", 12) == 0) {
+   if (kldload(jp[j].jp_name + 12) < 0 &&
+   errno == ENOENT &&
+   strncmp(jp[j].jp_name + 12, "no", 2) == 0)
+   (void)kldload(jp[j].jp_name + 14);
}
} else {
/*
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r337876 - stable/10/lib/libjail

2018-08-15 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 15 21:38:44 2018
New Revision: 337876
URL: https://svnweb.freebsd.org/changeset/base/337876

Log:
  MFC r331332:
  
If a jail parameter isn't found, try loading a related kernel module.
  
  PR:   192092

Modified:
  stable/10/lib/libjail/jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/lib/libjail/jail.c
==
--- stable/10/lib/libjail/jail.cWed Aug 15 21:38:10 2018
(r337875)
+++ stable/10/lib/libjail/jail.cWed Aug 15 21:38:44 2018
(r337876)
@@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -57,6 +58,7 @@ __FBSDID("$FreeBSD$");
 static int jailparam_import_enum(const char **values, int nvalues,
 const char *valstr, size_t valsize, int *value);
 static int jailparam_type(struct jailparam *jp);
+static int kldload_param(const char *name);
 static char *noname(const char *name);
 static char *nononame(const char *name);
 
@@ -885,6 +887,9 @@ jailparam_type(struct jailparam *jp)
"sysctl(0.3.%s): %s", name, strerror(errno));
return (-1);
}
+   if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, ,
+   desc.s, strlen(desc.s)) >= 0)
+   goto mib_desc;
/*
 * The parameter probably doesn't exist.  But it might be
 * the "no" counterpart to a boolean.
@@ -1021,6 +1026,33 @@ jailparam_type(struct jailparam *jp)
jp->jp_valuelen = 0;
}
return (0);
+}
+
+/*
+ * Attempt to load a kernel module matching an otherwise nonexistent parameter.
+ */
+static int
+kldload_param(const char *name)
+{
+   int kl;
+
+   if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0)
+   kl = kldload("linux");
+   else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 ||
+   strcmp(name, "sysvshm") == 0)
+   kl = kldload(name);
+   else {
+   errno = ENOENT;
+   return (-1);
+   }
+   if (kl < 0 && errno == EEXIST) {
+   /*
+* In the module is already loaded, then it must not contain
+* the parameter.
+*/
+   errno = ENOENT;
+   }
+   return kl;
 }
 
 /*
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r337875 - stable/11/lib/libjail

2018-08-15 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 15 21:38:10 2018
New Revision: 337875
URL: https://svnweb.freebsd.org/changeset/base/337875

Log:
  MFC r331332:
  
If a jail parameter isn't found, try loading a related kernel module.
  
  PR:   192092

Modified:
  stable/11/lib/libjail/jail.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/lib/libjail/jail.c
==
--- stable/11/lib/libjail/jail.cWed Aug 15 21:38:06 2018
(r337874)
+++ stable/11/lib/libjail/jail.cWed Aug 15 21:38:10 2018
(r337875)
@@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -57,6 +58,7 @@ __FBSDID("$FreeBSD$");
 static int jailparam_import_enum(const char **values, int nvalues,
 const char *valstr, size_t valsize, int *value);
 static int jailparam_type(struct jailparam *jp);
+static int kldload_param(const char *name);
 static char *noname(const char *name);
 static char *nononame(const char *name);
 
@@ -885,6 +887,9 @@ jailparam_type(struct jailparam *jp)
"sysctl(0.3.%s): %s", name, strerror(errno));
return (-1);
}
+   if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, ,
+   desc.s, strlen(desc.s)) >= 0)
+   goto mib_desc;
/*
 * The parameter probably doesn't exist.  But it might be
 * the "no" counterpart to a boolean.
@@ -1021,6 +1026,33 @@ jailparam_type(struct jailparam *jp)
jp->jp_valuelen = 0;
}
return (0);
+}
+
+/*
+ * Attempt to load a kernel module matching an otherwise nonexistent parameter.
+ */
+static int
+kldload_param(const char *name)
+{
+   int kl;
+
+   if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0)
+   kl = kldload("linux");
+   else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 ||
+   strcmp(name, "sysvshm") == 0)
+   kl = kldload(name);
+   else {
+   errno = ENOENT;
+   return (-1);
+   }
+   if (kl < 0 && errno == EEXIST) {
+   /*
+* In the module is already loaded, then it must not contain
+* the parameter.
+*/
+   errno = ENOENT;
+   }
+   return kl;
 }
 
 /*
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r337867 - head/usr.sbin/jail

2018-08-15 Thread Jamie Gritton 
Author: jamie
Date: Wed Aug 15 20:23:17 2018
New Revision: 337867
URL: https://svnweb.freebsd.org/changeset/base/337867

Log:
  Don't let clobber jailparam values when checking for modification of
  init-only parameters.
  
  Compare string parameter values with strncmp, not memcmp.
  
  PR:   230487
  Reported by:  Jason Mader
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jail.c

Modified: head/usr.sbin/jail/jail.c
==
--- head/usr.sbin/jail/jail.c   Wed Aug 15 20:23:08 2018(r337866)
+++ head/usr.sbin/jail/jail.c   Wed Aug 15 20:23:17 2018(r337867)
@@ -803,8 +803,10 @@ rdtun_params(struct cfjail *j, int dofail)
exit(1);
}
for (jp = j->jp; jp < j->jp + j->njp; jp++)
-   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid"))
+   if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) {
*++rtjp = *jp;
+   rtjp->jp_value = NULL;
+   }
rval = 0;
if (jailparam_get(rtparams, nrt,
bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) {
@@ -815,8 +817,11 @@ rdtun_params(struct cfjail *j, int dofail)
jp->jp_valuelen == 0 &&
*(int *)jp->jp_value) &&
!(rtjp->jp_valuelen == jp->jp_valuelen &&
-   !memcmp(rtjp->jp_value, jp->jp_value,
-   jp->jp_valuelen))) {
+   !((jp->jp_ctltype & CTLTYPE) ==
+   CTLTYPE_STRING ? strncmp(rtjp->jp_value,
+   jp->jp_value, jp->jp_valuelen) :
+   memcmp(rtjp->jp_value, jp->jp_value,
+   jp->jp_valuelen {
if (dofail) {
jail_warnx(j, "%s cannot be "
"changed after creation",
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r336040 - in stable/11: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat

2018-07-06 Thread Jamie Gritton 
Author: jamie
Date: Fri Jul  6 19:10:11 2018
New Revision: 336040
URL: https://svnweb.freebsd.org/changeset/base/336040

Log:
  MFC r335921:
  
Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8),
 sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
 with names.
  
  PR:   229266
  Differential Revision:D16047

Modified:
  stable/11/lib/libugidfw/ugidfw.c
  stable/11/sbin/ipfw/Makefile
  stable/11/sbin/ipfw/ipfw.8
  stable/11/sbin/ipfw/ipfw2.c
  stable/11/usr.bin/cpuset/Makefile
  stable/11/usr.bin/cpuset/cpuset.1
  stable/11/usr.bin/cpuset/cpuset.c
  stable/11/usr.bin/sockstat/Makefile
  stable/11/usr.bin/sockstat/sockstat.1
  stable/11/usr.bin/sockstat/sockstat.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/lib/libugidfw/ugidfw.c
==
--- stable/11/lib/libugidfw/ugidfw.cFri Jul  6 19:10:07 2018
(r336039)
+++ stable/11/lib/libugidfw/ugidfw.cFri Jul  6 19:10:11 2018
(r336040)
@@ -32,9 +32,11 @@
  */
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -598,16 +600,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max
 }
 
 static int
+bsde_get_jailid(const char *name, size_t buflen, char *errstr)
+{
+   char *ep;
+   int jid;
+   struct iovec jiov[4];
+
+   /* Copy jail_getid(3) instead of messing with library dependancies */
+   jid = strtoul(name, , 10);
+   if (*name && !*ep)
+   return jid;
+   jiov[0].iov_base = __DECONST(char *, "name");
+   jiov[0].iov_len = sizeof("name");
+   jiov[1].iov_len = strlen(name) + 1;
+   jiov[1].iov_base = alloca(jiov[1].iov_len);
+   strcpy(jiov[1].iov_base, name);
+   if (errstr && buflen) {
+   jiov[2].iov_base = __DECONST(char *, "errmsg");
+   jiov[2].iov_len = sizeof("errmsg");
+   jiov[3].iov_base = errstr;
+   jiov[3].iov_len = buflen;
+   errstr[0] = 0;
+   jid = jail_get(jiov, 4, 0);
+   if (jid < 0 && !errstr[0])
+   snprintf(errstr, buflen, "jail_get: %s",
+   strerror(errno));
+   } else
+   jid = jail_get(jiov, 2, 0);
+   return jid;
+}
+
+static int
 bsde_parse_subject(int argc, char *argv[],
 struct mac_bsdextended_subject *subject, size_t buflen, char *errstr)
 {
int not_seen, flags;
int current, neg, nextnot;
-   char *endp;
uid_t uid_min, uid_max;
gid_t gid_min, gid_max;
int jid = 0;
-   long value;
 
current = 0;
flags = 0;
@@ -666,13 +697,9 @@ bsde_parse_subject(int argc, char *argv[],
snprintf(errstr, buflen, "one jail only");
return (-1);
}
-   value = strtol(argv[current+1], , 10);
-   if (*endp != '\0') {
-   snprintf(errstr, buflen, "invalid jid: '%s'",
-   argv[current+1]);
+   jid = bsde_get_jailid(argv[current+1], buflen, errstr);
+   if (jid < 0)
return (-1);
-   }
-   jid = value;
flags |= MBS_PRISON_DEFINED;
if (nextnot) {
neg ^= MBS_PRISON_DEFINED;

Modified: stable/11/sbin/ipfw/Makefile
==
--- stable/11/sbin/ipfw/MakefileFri Jul  6 19:10:07 2018
(r336039)
+++ stable/11/sbin/ipfw/MakefileFri Jul  6 19:10:11 2018
(r336040)
@@ -13,7 +13,7 @@ SRCS+=altq.c
 CFLAGS+=-DPF
 .endif
 
-LIBADD=util
+LIBADD=jail util
 MAN=   ipfw.8
 
 .include 

Modified: stable/11/sbin/ipfw/ipfw.8
==
--- stable/11/sbin/ipfw/ipfw.8  Fri Jul  6 19:10:07 2018(r336039)
+++ stable/11/sbin/ipfw/ipfw.8  Fri Jul  6 19:10:11 2018(r336040)
@@ -1,7 +1,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd June 28, 2018
+.Dd July 3, 2018
 .Dt IPFW 8
 .Os
 .Sh NAME
@@ -1535,10 +1535,10 @@ Matches all TCP or UDP packets sent by or received for
 A
 .Ar group
 may be specified by name or number.
-.It Cm jail Ar prisonID
+.It Cm jail Ar jail
 Matches all TCP or UDP packets sent by or received for the
-jail whos prison ID is
-.Ar prisonID .
+jail whose ID or name is
+.Ar jail .
 .It Cm icmptypes Ar types
 Matches ICMP packets whose ICMP type is in the list
 .Ar types .

Modified: stable/11/sbin/ipfw/ipfw2.c
==
--- stable/11/sbin/ipfw/ipfw2.c Fri Jul  6 19:10:07 2018(r336039)
+++

svn commit: r336039 - in stable/10: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat

2018-07-06 Thread Jamie Gritton 
Author: jamie
Date: Fri Jul  6 19:10:07 2018
New Revision: 336039
URL: https://svnweb.freebsd.org/changeset/base/336039

Log:
  MFC r335921:
  
Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8),
 sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
 with names.
  
  PR:   229266
  Differential Revision:D16047

Modified:
  stable/10/lib/libugidfw/ugidfw.c
  stable/10/sbin/ipfw/Makefile
  stable/10/sbin/ipfw/ipfw.8
  stable/10/sbin/ipfw/ipfw2.c
  stable/10/usr.bin/cpuset/Makefile
  stable/10/usr.bin/cpuset/cpuset.1
  stable/10/usr.bin/cpuset/cpuset.c
  stable/10/usr.bin/sockstat/Makefile
  stable/10/usr.bin/sockstat/sockstat.1
  stable/10/usr.bin/sockstat/sockstat.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/lib/libugidfw/ugidfw.c
==
--- stable/10/lib/libugidfw/ugidfw.cFri Jul  6 18:50:22 2018
(r336038)
+++ stable/10/lib/libugidfw/ugidfw.cFri Jul  6 19:10:07 2018
(r336039)
@@ -32,9 +32,11 @@
  */
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -599,16 +601,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max
 }
 
 int
+bsde_get_jailid(const char *name, size_t buflen, char *errstr)
+{
+   char *ep;
+   int jid;
+   struct iovec jiov[4];
+
+   /* Copy jail_getid(3) instead of messing with library dependancies */
+   jid = strtoul(name, , 10);
+   if (*name && !*ep)
+   return jid;
+   jiov[0].iov_base = __DECONST(char *, "name");
+   jiov[0].iov_len = sizeof("name");
+   jiov[1].iov_len = strlen(name) + 1;
+   jiov[1].iov_base = alloca(jiov[1].iov_len);
+   strcpy(jiov[1].iov_base, name);
+   if (errstr && buflen) {
+   jiov[2].iov_base = __DECONST(char *, "errmsg");
+   jiov[2].iov_len = sizeof("errmsg");
+   jiov[3].iov_base = errstr;
+   jiov[3].iov_len = buflen;
+   errstr[0] = 0;
+   jid = jail_get(jiov, 4, 0);
+   if (jid < 0 && !errstr[0])
+   snprintf(errstr, buflen, "jail_get: %s",
+   strerror(errno));
+   } else
+   jid = jail_get(jiov, 2, 0);
+   return jid;
+}
+
+static int
 bsde_parse_subject(int argc, char *argv[],
 struct mac_bsdextended_subject *subject, size_t buflen, char *errstr)
 {
int not_seen, flags;
int current, neg, nextnot;
-   char *endp;
uid_t uid_min, uid_max;
gid_t gid_min, gid_max;
int jid;
-   long value;
 
current = 0;
flags = 0;
@@ -667,13 +698,9 @@ bsde_parse_subject(int argc, char *argv[],
snprintf(errstr, buflen, "one jail only");
return (-1);
}
-   value = strtol(argv[current+1], , 10);
-   if (*endp != '\0') {
-   snprintf(errstr, buflen, "invalid jid: '%s'",
-   argv[current+1]);
+   jid = bsde_get_jailid(argv[current+1], buflen, errstr);
+   if (jid < 0)
return (-1);
-   }
-   jid = value;
flags |= MBS_PRISON_DEFINED;
if (nextnot) {
neg ^= MBS_PRISON_DEFINED;

Modified: stable/10/sbin/ipfw/Makefile
==
--- stable/10/sbin/ipfw/MakefileFri Jul  6 18:50:22 2018
(r336038)
+++ stable/10/sbin/ipfw/MakefileFri Jul  6 19:10:07 2018
(r336039)
@@ -11,8 +11,8 @@ SRCS+=altq.c
 CFLAGS+=-DPF
 .endif
 
-DPADD= ${LIBUTIL}
-LDADD= -lutil
+DPADD= ${LIBJAIL} ${LIBUTIL}
+LDADD= -ljail -lutil
 MAN=   ipfw.8
 
 .include 

Modified: stable/10/sbin/ipfw/ipfw.8
==
--- stable/10/sbin/ipfw/ipfw.8  Fri Jul  6 18:50:22 2018(r336038)
+++ stable/10/sbin/ipfw/ipfw.8  Fri Jul  6 19:10:07 2018(r336039)
@@ -1,7 +1,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 12, 2018
+.Dd July 3, 2018
 .Dt IPFW 8
 .Os
 .Sh NAME
@@ -1377,10 +1377,10 @@ Matches all TCP or UDP packets sent by or received for
 A
 .Ar group
 may be specified by name or number.
-.It Cm jail Ar prisonID
+.It Cm jail Ar jail
 Matches all TCP or UDP packets sent by or received for the
-jail whos prison ID is
-.Ar prisonID .
+jail whose ID or name is
+.Ar jail .
 .It Cm icmptypes Ar types
 Matches ICMP packets whose ICMP type is in the list
 .Ar types .

Modified: stable/10/sbin/ipfw/ipfw2.c
==
--- stable/10/sbin/ipfw/ipfw2.c Fri Jul  6

svn commit: r336038 - in head/sys: kern sys

2018-07-06 Thread Jamie Gritton 
Author: jamie
Date: Fri Jul  6 18:50:22 2018
New Revision: 336038
URL: https://svnweb.freebsd.org/changeset/base/336038

Log:
  Change prison_add_vfs() to the more generic prison_add_allow(), which
  can add any dynamic allow.* or allow.*.* parameter.  Also keep
  prison_add_vfs() as a wrapper.
  
  Differential Revision:D16146

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Fri Jul  6 17:39:48 2018(r336037)
+++ head/sys/kern/kern_jail.c   Fri Jul  6 18:50:22 2018(r336038)
@@ -3760,37 +3760,43 @@ SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLA
 "B", "Jail may mount/unmount jail-friendly file systems in general");
 
 /*
- * The VFS system will register jail-aware filesystems here.  They each get
- * a parameter allow.mount.xxxfs and a flag to check when a jailed user
- * attempts to mount.
+ * Add a dynamic parameter allow., or allow...  Return
+ * its associated bit in the pr_allow bitmask, or zero if the parameter was
+ * not created.
  */
-void
-prison_add_vfs(struct vfsconf *vfsp)
+unsigned
+prison_add_allow(const char *prefix, const char *name, const char 
*prefix_descr,
+const char *descr)
 {
-   char *allow_name, *allow_noname, *mount_allowed;
struct bool_flags *bf;
+   struct sysctl_oid *parent;
+   char *allow_name, *allow_noname, *allowed;
 #ifndef NO_SYSCTL_DESCR
-   char *descr;
+   char *descr_deprecated;
 #endif
unsigned allow_flag;
 
-   if (asprintf(_name, M_PRISON, "allow.mount.%s", vfsp->vfc_name) <
-   0 || asprintf(_noname, M_PRISON, "allow.mount.no%s",
-   vfsp->vfc_name) < 0) {
+   if (prefix
+   ? asprintf(_name, M_PRISON, "allow.%s.%s", prefix, name)
+   < 0 ||
+ asprintf(_noname, M_PRISON, "allow.%s.no%s", prefix, name)
+   < 0
+   : asprintf(_name, M_PRISON, "allow.%s", name) < 0 ||
+ asprintf(_noname, M_PRISON, "allow.no%s", name) < 0) {
free(allow_name, M_PRISON);
-   return;
+   return 0;
}
 
/*
-* See if this parameter has already beed added, i.e. if the filesystem
-* was previously loaded/unloaded.
+* See if this parameter has already beed added, i.e. a module was
+* previously loaded/unloaded.
 */
mtx_lock(_mtx);
for (bf = pr_flag_allow;
 bf < pr_flag_allow + nitems(pr_flag_allow) && bf->flag != 0;
 bf++) {
if (strcmp(bf->name, allow_name) == 0) {
-   vfsp->vfc_prison_flag = bf->flag;
+   allow_flag = bf->flag;
goto no_add;
}
}
@@ -3798,7 +3804,7 @@ prison_add_vfs(struct vfsconf *vfsp)
/*
 * Find a free bit in prison0's pr_allow, failing if there are none
 * (which shouldn't happen as long as we keep track of how many
-* filesystems are jail-aware).
+* potential dynamic flags exist).
 */
for (allow_flag = 1;; allow_flag <<= 1) {
if (allow_flag == 0)
@@ -3815,52 +3821,73 @@ prison_add_vfs(struct vfsconf *vfsp)
for (bf = pr_flag_allow; bf->flag != 0; bf++)
if (bf == pr_flag_allow + nitems(pr_flag_allow)) {
/* This should never happen, but is not fatal. */
+   allow_flag = 0;
goto no_add;
}
prison0.pr_allow |= allow_flag;
bf->name = allow_name;
bf->noname = allow_noname;
bf->flag = allow_flag;
-   vfsp->vfc_prison_flag = allow_flag;
mtx_unlock(_mtx);
 
/*
 * Create sysctls for the paramter, and the back-compat global
 * permission.
 */
-#ifndef NO_SYSCTL_DESCR
-   (void)asprintf(, M_TEMP, "Jail may mount the %s file system",
-   vfsp->vfc_name);
-#endif
-   (void)SYSCTL_ADD_PROC(NULL,
-   SYSCTL_CHILDREN(___security_jail_param_allow_mount),
-   OID_AUTO, vfsp->vfc_name, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+   parent = prefix
+   ? SYSCTL_ADD_NODE(NULL,
+ SYSCTL_CHILDREN(___security_jail_param_allow),
+ OID_AUTO, prefix, 0, 0, prefix_descr)
+   : ___security_jail_param_allow;
+   (void)SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(parent), OID_AUTO,
+   name, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
NULL, 0, sysctl_jail_param, "B", descr);
+   if ((prefix
+? asprintf(, M_TEMP, "%s_%s_allowed", prefix, name)
+: asprintf(, M_TEMP, "%s_allowed", name)) >= 0) {
 #ifndef NO_SYSCTL_DESCR
-   free(descr, M_TEMP);
+   (void)asprintf(_deprecated, M_TEMP, "%s (deprecated)",
+   descr);
 #endif
-   if

svn commit: r336035 - head/usr.bin/cpuset

2018-07-06 Thread Jamie Gritton 
Author: jamie
Date: Fri Jul  6 16:23:30 2018
New Revision: 336035
URL: https://svnweb.freebsd.org/changeset/base/336035

Log:
  Missed a bit of doc change from r335921.
  
  PR:   229266

Modified:
  head/usr.bin/cpuset/cpuset.1

Modified: head/usr.bin/cpuset/cpuset.1
==
--- head/usr.bin/cpuset/cpuset.1Fri Jul  6 16:22:26 2018
(r336034)
+++ head/usr.bin/cpuset/cpuset.1Fri Jul  6 16:23:30 2018
(r336035)
@@ -52,7 +52,7 @@
 .Op Fl c
 .Op Fl l Ar cpu-list
 .Op Fl n Ar policy:domain-list 
-.Op Fl j Ar jailid | Fl p Ar pid | Fl t Ar tid | Fl s Ar setid | Fl x Ar irq
+.Op Fl j Ar jail | Fl p Ar pid | Fl t Ar tid | Fl s Ar setid | Fl x Ar irq
 .Nm
 .Fl g
 .Op Fl cir
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r335921 - in head: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat

2018-07-03 Thread Jamie Gritton 
Author: jamie
Date: Tue Jul  3 23:47:20 2018
New Revision: 335921
URL: https://svnweb.freebsd.org/changeset/base/335921

Log:
  Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8),
   sockstat(1), ugidfw(8)
  These are the last of the jail-aware userland utilities that didn't work
   with names.
  
  PR:   229266
  MFC after:3 days
  Differential Revision:D16047

Modified:
  head/lib/libugidfw/ugidfw.c
  head/sbin/ipfw/Makefile
  head/sbin/ipfw/ipfw.8
  head/sbin/ipfw/ipfw2.c
  head/usr.bin/cpuset/Makefile
  head/usr.bin/cpuset/cpuset.1
  head/usr.bin/cpuset/cpuset.c
  head/usr.bin/sockstat/Makefile
  head/usr.bin/sockstat/sockstat.1
  head/usr.bin/sockstat/sockstat.c

Modified: head/lib/libugidfw/ugidfw.c
==
--- head/lib/libugidfw/ugidfw.c Tue Jul  3 23:45:02 2018(r335920)
+++ head/lib/libugidfw/ugidfw.c Tue Jul  3 23:47:20 2018(r335921)
@@ -34,9 +34,11 @@
  */
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -600,16 +602,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max
 }
 
 static int
+bsde_get_jailid(const char *name, size_t buflen, char *errstr)
+{
+   char *ep;
+   int jid;
+   struct iovec jiov[4];
+
+   /* Copy jail_getid(3) instead of messing with library dependancies */
+   jid = strtoul(name, , 10);
+   if (*name && !*ep)
+   return jid;
+   jiov[0].iov_base = __DECONST(char *, "name");
+   jiov[0].iov_len = sizeof("name");
+   jiov[1].iov_len = strlen(name) + 1;
+   jiov[1].iov_base = alloca(jiov[1].iov_len);
+   strcpy(jiov[1].iov_base, name);
+   if (errstr && buflen) {
+   jiov[2].iov_base = __DECONST(char *, "errmsg");
+   jiov[2].iov_len = sizeof("errmsg");
+   jiov[3].iov_base = errstr;
+   jiov[3].iov_len = buflen;
+   errstr[0] = 0;
+   jid = jail_get(jiov, 4, 0);
+   if (jid < 0 && !errstr[0])
+   snprintf(errstr, buflen, "jail_get: %s",
+   strerror(errno));
+   } else
+   jid = jail_get(jiov, 2, 0);
+   return jid;
+}
+
+static int
 bsde_parse_subject(int argc, char *argv[],
 struct mac_bsdextended_subject *subject, size_t buflen, char *errstr)
 {
int not_seen, flags;
int current, neg, nextnot;
-   char *endp;
uid_t uid_min, uid_max;
gid_t gid_min, gid_max;
int jid = 0;
-   long value;
 
current = 0;
flags = 0;
@@ -668,13 +699,9 @@ bsde_parse_subject(int argc, char *argv[],
snprintf(errstr, buflen, "one jail only");
return (-1);
}
-   value = strtol(argv[current+1], , 10);
-   if (*endp != '\0') {
-   snprintf(errstr, buflen, "invalid jid: '%s'",
-   argv[current+1]);
+   jid = bsde_get_jailid(argv[current+1], buflen, errstr);
+   if (jid < 0)
return (-1);
-   }
-   jid = value;
flags |= MBS_PRISON_DEFINED;
if (nextnot) {
neg ^= MBS_PRISON_DEFINED;

Modified: head/sbin/ipfw/Makefile
==
--- head/sbin/ipfw/Makefile Tue Jul  3 23:45:02 2018(r335920)
+++ head/sbin/ipfw/Makefile Tue Jul  3 23:47:20 2018(r335921)
@@ -13,7 +13,7 @@ SRCS+=altq.c
 CFLAGS+=-DPF
 .endif
 
-LIBADD=util
+LIBADD=jail util
 MAN=   ipfw.8
 
 .include 

Modified: head/sbin/ipfw/ipfw.8
==
--- head/sbin/ipfw/ipfw.8   Tue Jul  3 23:45:02 2018(r335920)
+++ head/sbin/ipfw/ipfw.8   Tue Jul  3 23:47:20 2018(r335921)
@@ -1,7 +1,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd June 28, 2018
+.Dd July 3, 2018
 .Dt IPFW 8
 .Os
 .Sh NAME
@@ -1535,10 +1535,10 @@ Matches all TCP or UDP packets sent by or received for
 A
 .Ar group
 may be specified by name or number.
-.It Cm jail Ar prisonID
+.It Cm jail Ar jail
 Matches all TCP or UDP packets sent by or received for the
-jail whos prison ID is
-.Ar prisonID .
+jail whose ID or name is
+.Ar jail .
 .It Cm icmptypes Ar types
 Matches ICMP packets whose ICMP type is in the list
 .Ar types .

Modified: head/sbin/ipfw/ipfw2.c
==
--- head/sbin/ipfw/ipfw2.c  Tue Jul  3 23:45:02 2018(r335920)
+++ head/sbin/ipfw/ipfw2.c  Tue Jul  3 23:47:20 2018(r335921)
@@ -32,6 +32,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include

svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/pse...

2018-05-04 Thread Jamie Gritton 
Author: jamie
Date: Fri May  4 20:54:27 2018
New Revision: 333263
URL: https://svnweb.freebsd.org/changeset/base/333263

Log:
  Make it easier for filesystems to count themselves as jail-enabled,
  by doing most of the work in a new function prison_add_vfs in kern_jail.c
  Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and
  the rest is taken care of.  This includes adding a jail parameter like
  allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed.
  Both of these used to be a static list of known filesystems, with
  predefined permission bits.
  
  Reviewed by:  kib
  Differential Revision:D14681

Modified:
  head/lib/libjail/jail.c
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c
  head/sys/compat/linprocfs/linprocfs.c
  head/sys/compat/linsysfs/linsysfs.c
  head/sys/fs/devfs/devfs_vfsops.c
  head/sys/fs/fdescfs/fdesc_vfsops.c
  head/sys/fs/nullfs/null_vfsops.c
  head/sys/fs/procfs/procfs.c
  head/sys/fs/pseudofs/pseudofs.h
  head/sys/fs/tmpfs/tmpfs_vfsops.c
  head/sys/kern/kern_jail.c
  head/sys/kern/vfs_init.c
  head/sys/kern/vfs_mount.c
  head/sys/kern/vfs_subr.c
  head/sys/sys/jail.h
  head/sys/sys/mount.h
  head/usr.sbin/jail/jail.8

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Fri May  4 20:38:26 2018(r333262)
+++ head/lib/libjail/jail.c Fri May  4 20:54:27 2018(r333263)
@@ -1048,7 +1048,13 @@ kldload_param(const char *name)
else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 ||
strcmp(name, "sysvshm") == 0)
kl = kldload(name);
-   else {
+   else if (strncmp(name, "allow.mount.", 12) == 0) {
+   /* Load the matching filesystem */
+   kl = kldload(name + 12);
+   if (kl < 0 && errno == ENOENT &&
+   strncmp(name + 12, "no", 2) == 0)
+   kl = kldload(name + 14);
+   } else {
errno = ENOENT;
return (-1);
}

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.cFri May 
 4 20:38:26 2018(r333262)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.cFri May 
 4 20:54:27 2018(r333263)
@@ -1640,9 +1640,6 @@ zfs_mount(vfs_t *vfsp)
 
osname = spn.pn_path;
 #else  /* !illumos */
-   if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_ZFS))
-   return (SET_ERROR(EPERM));
-
if (vfs_getopt(vfsp->mnt_optnew, "from", (void **), NULL))
return (SET_ERROR(EINVAL));
 

Modified: head/sys/compat/linprocfs/linprocfs.c
==
--- head/sys/compat/linprocfs/linprocfs.c   Fri May  4 20:38:26 2018
(r333262)
+++ head/sys/compat/linprocfs/linprocfs.c   Fri May  4 20:54:27 2018
(r333263)
@@ -1652,7 +1652,7 @@ linprocfs_uninit(PFS_INIT_ARGS)
return (0);
 }
 
-PSEUDOFS(linprocfs, 1, PR_ALLOW_MOUNT_LINPROCFS);
+PSEUDOFS(linprocfs, 1, VFCF_JAIL);
 #if defined(__amd64__)
 MODULE_DEPEND(linprocfs, linux_common, 1, 1, 1);
 #else

Modified: head/sys/compat/linsysfs/linsysfs.c
==
--- head/sys/compat/linsysfs/linsysfs.c Fri May  4 20:38:26 2018
(r333262)
+++ head/sys/compat/linsysfs/linsysfs.c Fri May  4 20:54:27 2018
(r333263)
@@ -556,7 +556,7 @@ linsysfs_uninit(PFS_INIT_ARGS)
return (0);
 }
 
-PSEUDOFS(linsysfs, 1, PR_ALLOW_MOUNT_LINSYSFS);
+PSEUDOFS(linsysfs, 1, VFCF_JAIL);
 #if defined(__amd64__)
 MODULE_DEPEND(linsysfs, linux_common, 1, 1, 1);
 #else

Modified: head/sys/fs/devfs/devfs_vfsops.c
==
--- head/sys/fs/devfs/devfs_vfsops.cFri May  4 20:38:26 2018
(r333262)
+++ head/sys/fs/devfs/devfs_vfsops.cFri May  4 20:54:27 2018
(r333263)
@@ -83,9 +83,6 @@ devfs_mount(struct mount *mp)
if (mp->mnt_flag & MNT_ROOTFS)
return (EOPNOTSUPP);
 
-   if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_DEVFS))
-   return (EPERM);
-
rsnum = 0;
injail = jailed(td->td_ucred);
 

Modified: head/sys/fs/fdescfs/fdesc_vfsops.c
==
--- head/sys/fs/fdescfs/fdesc_vfsops.c  Fri May  4 20:38:26 2018
(r333262)
+++ head/sys/fs/fdescfs/fdesc_vfsops.c  Fri May  4 20:54:27 2018
(r333263)
@@ -81,12 +81,8 @@ static int
 fdesc_mount(struct mount *mp)
 {
struct fdescmount *fmp;
-   struct thread *td = curthread;
struct vnode *rvp;
int error;
-
-   if (!prison_allow(td->td_ucred,

svn commit: r331332 - head/lib/libjail

2018-03-21 Thread Jamie Gritton 
Author: jamie
Date: Wed Mar 21 23:50:46 2018
New Revision: 331332
URL: https://svnweb.freebsd.org/changeset/base/331332

Log:
  If a jail parameter isn't found, try loading a related kernel module.

Modified:
  head/lib/libjail/jail.c

Modified: head/lib/libjail/jail.c
==
--- head/lib/libjail/jail.c Wed Mar 21 23:46:26 2018(r331331)
+++ head/lib/libjail/jail.c Wed Mar 21 23:50:46 2018(r331332)
@@ -32,6 +32,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -59,6 +60,7 @@ __FBSDID("$FreeBSD$");
 static int jailparam_import_enum(const char **values, int nvalues,
 const char *valstr, size_t valsize, int *value);
 static int jailparam_type(struct jailparam *jp);
+static int kldload_param(const char *name);
 static char *noname(const char *name);
 static char *nononame(const char *name);
 
@@ -892,6 +894,9 @@ jailparam_type(struct jailparam *jp)
"sysctl(0.3.%s): %s", name, strerror(errno));
return (-1);
}
+   if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, ,
+   desc.s, strlen(desc.s)) >= 0)
+   goto mib_desc;
/*
 * The parameter probably doesn't exist.  But it might be
 * the "no" counterpart to a boolean.
@@ -1028,6 +1033,33 @@ jailparam_type(struct jailparam *jp)
jp->jp_valuelen = 0;
}
return (0);
+}
+
+/*
+ * Attempt to load a kernel module matching an otherwise nonexistent parameter.
+ */
+static int
+kldload_param(const char *name)
+{
+   int kl;
+
+   if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0)
+   kl = kldload("linux");
+   else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 ||
+   strcmp(name, "sysvshm") == 0)
+   kl = kldload(name);
+   else {
+   errno = ENOENT;
+   return (-1);
+   }
+   if (kl < 0 && errno == EEXIST) {
+   /*
+* In the module is already loaded, then it must not contain
+* the parameter.
+*/
+   errno = ENOENT;
+   }
+   return kl;
 }
 
 /*
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r331278 - head/sys/kern

2018-03-20 Thread Jamie Gritton 
Author: jamie
Date: Tue Mar 20 23:08:42 2018
New Revision: 331278
URL: https://svnweb.freebsd.org/changeset/base/331278

Log:
  Represent boolean jail options as an array of structures containing the
  flag and both the regular and "no" names, instead of two different string
  arrays whose indices need to match the flag's bit position.  This makes
  them similar to the say "jailsys" options are represented.
  
  Loop through either kind of option array with a structure pointer rather
  then an integer index.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Mar 20 23:08:04 2018(r331277)
+++ head/sys/kern/kern_jail.c   Tue Mar 20 23:08:42 2018(r331278)
@@ -115,6 +115,17 @@ struct prison prison0 = {
 };
 MTX_SYSINIT(prison0, _mtx, "jail mutex", MTX_DEF);
 
+struct bool_flags {
+   const char  *name;
+   const char  *noname;
+   unsigned flag;
+};
+struct jailsys_flags {
+   const char  *name;
+   unsigned disable;
+   unsigned new;
+};
+
 /* allprison, allprison_racct and lastprid are protected by allprison_lock. */
 struct sx allprison_lock;
 SX_SYSINIT(allprison_lock, _lock, "allprison");
@@ -145,86 +156,55 @@ static void prison_racct_detach(struct prison *pr);
  * as we cannot figure out the size of a sparse array, or an array without a
  * terminating entry.
  */
-static char *pr_flag_names[] = {
-   [0] = "persist",
+static struct bool_flags pr_flag_bool[] = {
+   {"persist", "nopersist", PR_PERSIST},
 #ifdef INET
-   [7] = "ip4.saddrsel",
+   {"ip4.saddrsel", "ip4.nosaddrsel", PR_IP4_SADDRSEL},
 #endif
 #ifdef INET6
-   [8] = "ip6.saddrsel",
+   {"ip6.saddrsel", "ip6.nosaddrsel", PR_IP6_SADDRSEL},
 #endif
 };
-const size_t pr_flag_names_size = sizeof(pr_flag_names);
+const size_t pr_flag_bool_size = sizeof(pr_flag_bool);
 
-static char *pr_flag_nonames[] = {
-   [0] = "nopersist",
-#ifdef INET
-   [7] = "ip4.nosaddrsel",
-#endif
-#ifdef INET6
-   [8] = "ip6.nosaddrsel",
-#endif
-};
-const size_t pr_flag_nonames_size = sizeof(pr_flag_nonames);
-
-struct jailsys_flags {
-   const char  *name;
-   unsigned disable;
-   unsigned new;
-} pr_flag_jailsys[] = {
-   { "host", 0, PR_HOST },
+static struct jailsys_flags pr_flag_jailsys[] = {
+   {"host", 0, PR_HOST},
 #ifdef VIMAGE
-   { "vnet", 0, PR_VNET },
+   {"vnet", 0, PR_VNET},
 #endif
 #ifdef INET
-   { "ip4", PR_IP4_USER, PR_IP4_USER },
+   {"ip4", PR_IP4_USER, PR_IP4_USER},
 #endif
 #ifdef INET6
-   { "ip6", PR_IP6_USER, PR_IP6_USER },
+   {"ip6", PR_IP6_USER, PR_IP6_USER},
 #endif
 };
 const size_t pr_flag_jailsys_size = sizeof(pr_flag_jailsys);
 
-static char *pr_allow_names[] = {
-   "allow.set_hostname",
-   "allow.sysvipc",
-   "allow.raw_sockets",
-   "allow.chflags",
-   "allow.mount",
-   "allow.quotas",
-   "allow.socket_af",
-   "allow.mount.devfs",
-   "allow.mount.nullfs",
-   "allow.mount.zfs",
-   "allow.mount.procfs",
-   "allow.mount.tmpfs",
-   "allow.mount.fdescfs",
-   "allow.mount.linprocfs",
-   "allow.mount.linsysfs",
-   "allow.reserved_ports",
+static struct bool_flags pr_flag_allow[] = {
+   {"allow.set_hostname", "allow.noset_hostname", PR_ALLOW_SET_HOSTNAME},
+   {"allow.sysvipc", "allow.nosysvipc", PR_ALLOW_SYSVIPC},
+   {"allow.raw_sockets", "allow.noraw_sockets", PR_ALLOW_RAW_SOCKETS},
+   {"allow.chflags", "allow.nochflags", PR_ALLOW_CHFLAGS},
+   {"allow.mount", "allow.nomount", PR_ALLOW_MOUNT},
+   {"allow.quotas", "allow.noquotas", PR_ALLOW_QUOTAS},
+   {"allow.socket_af", "allow.nosocket_af", PR_ALLOW_SOCKET_AF},
+   {"allow.mount.devfs", "allow.mount.nodevfs", PR_ALLOW_MOUNT_DEVFS},
+   {"allow.mount.nullfs", "allow.mount.nonullfs", PR_ALLOW_MOUNT_NULLFS},
+   {"allow.mount.zfs", "allow.mount.nozfs", PR_ALLOW_MOUNT_ZFS},
+   {"allow.mount.procfs", "allow.mount.noprocfs", PR_ALLOW_MOUNT_PROCFS},
+   {"allow.mount.tmpfs", "allow.mount.notmpfs", PR_ALLOW_MOUNT_TMPFS},
+   {"allow.mount.fdescfs", "allow.mount.nofdescfs",
+PR_ALLOW_MOUNT_FDESCFS},
+   {"allow.mount.linprocfs", "allow.mount.nolinprocfs",
+PR_ALLOW_MOUNT_LINPROCFS},
+   {"allow.mount.linsysfs", "allow.mount.nolinsysfs",
+PR_ALLOW_MOUNT_LINSYSFS},
+   {"allow.reserved_ports", "allow.noreserved_ports",
+PR_ALLOW_RESERVED_PORTS},
 };
-const size_t pr_allow_names_size = sizeof(pr_allow_names);
+const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
 
-static char *pr_allow_nonames[] = {
-   "allow.noset_hostname",
-   "allow.nosysvipc",
-   "allow.noraw_sockets",
-   "allow.nochflags",
-   "allow.nomount",
-   "allow.noquotas",
-   "allow.nosocket_af",
-

svn commit: r330743 - in head: etc/rc.d share/man/man5

2018-03-10 Thread Jamie Gritton 
Author: jamie
Date: Sat Mar 10 20:13:07 2018
New Revision: 330743
URL: https://svnweb.freebsd.org/changeset/base/330743

Log:
  Don't warn when the "hostname" rc variable is unset, but the hostname
  is already non-empty (common in jails).

Modified:
  head/etc/rc.d/hostname
  head/share/man/man5/rc.conf.5

Modified: head/etc/rc.d/hostname
==
--- head/etc/rc.d/hostname  Sat Mar 10 18:07:31 2018(r330742)
+++ head/etc/rc.d/hostname  Sat Mar 10 20:13:07 2018(r330743)
@@ -60,9 +60,11 @@ hostname_start()
# Have we got a hostname yet?
#
if [ -z "${hostname}" ]; then
-   # Null hostname is probably OK if DHCP is in use.
+   # Null hostname is probably OK if DHCP is in use,
+   # or when hostname is already set (common for jails).
#
-   if [ -z "`list_net_interfaces dhcp`" ]; then
+   if [ -z "`list_net_interfaces dhcp`" -a \
+-z "`/bin/hostname`" ]; then
warn "\$hostname is not set -- see rc.conf(5)."
fi
return

Modified: head/share/man/man5/rc.conf.5
==
--- head/share/man/man5/rc.conf.5   Sat Mar 10 18:07:31 2018
(r330742)
+++ head/share/man/man5/rc.conf.5   Sat Mar 10 20:13:07 2018
(r330743)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 15, 2018
+.Dd March 10, 2018
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -421,6 +421,9 @@ If
 .Xr dhclient 8
 is used to set the hostname via DHCP,
 this variable should be set to an empty string.
+Within a
+.Xr jail 8
+the hostname is generally already set and this variable may absent.
 If this value remains unset when the system is done booting
 your console login will display the default hostname of
 .Dq Amnesiac .
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r325783 - stable/10/sys/kern

2017-11-13 Thread Jamie Gritton 
Author: jamie
Date: Mon Nov 13 23:21:17 2017
New Revision: 325783
URL: https://svnweb.freebsd.org/changeset/base/325783

Log:
  MFC r297935:
  
Separate POSIX sem/shm objects in jails, by prepending the jail's path
name to the object's "path".  While the objects don't have real path
names, it's a filesystem-like namespace, which allows jails to be
kept to their own space, but still allows the system / jail parent to
access a jail's IPC.
  
  MFC r297936:
  
Separate POSIX mqueue objects in jails; actually, separate them by the
jail's root, so jails that don't have their own filesystem directory
also won't have their own mqueue namespace.
  
  MFC r297976:
  
Clean up some style(9) violations.
  
  MFC r298567:
  
 Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX
 message queues.
  
  PR:   208082
  Submitted by: delphij

Modified:
  stable/10/sys/kern/uipc_mqueue.c
  stable/10/sys/kern/uipc_sem.c
  stable/10/sys/kern/uipc_shm.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/uipc_mqueue.c
==
--- stable/10/sys/kern/uipc_mqueue.cMon Nov 13 22:16:47 2017
(r325782)
+++ stable/10/sys/kern/uipc_mqueue.cMon Nov 13 23:21:17 2017
(r325783)
@@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -60,8 +61,8 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -131,6 +132,7 @@ struct mqfs_node {
LIST_HEAD(,mqfs_node)   mn_children;
LIST_ENTRY(mqfs_node)   mn_sibling;
LIST_HEAD(,mqfs_vdata)  mn_vnodes;
+   const void  *mn_pr_root;
int mn_refcount;
mqfs_type_t mn_type;
int mn_deleted;
@@ -218,6 +220,7 @@ static uma_zone_t   mvdata_zone;
 static uma_zone_t  mqnoti_zone;
 static struct vop_vector   mqfs_vnodeops;
 static struct fileops  mqueueops;
+static unsignedmqfs_osd_jail_slot;
 
 /*
  * Directory structure construction and manipulation
@@ -235,6 +238,7 @@ static int  mqfs_destroy(struct mqfs_node *mn);
 static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn);
 static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn);
 static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct 
mqfs_node *pn);
+static int mqfs_prison_remove(void *obj, void *data);
 
 /*
  * Message queue construction and maniplation
@@ -435,6 +439,7 @@ mqfs_create_node(const char *name, int namelen, struct
 
node = mqnode_alloc();
strncpy(node->mn_name, name, namelen);
+   node->mn_pr_root = cred->cr_prison->pr_root;
node->mn_type = nodetype;
node->mn_refcount = 1;
vfs_timestamp(>mn_birth);
@@ -643,6 +648,9 @@ mqfs_init(struct vfsconf *vfc)
 {
struct mqfs_node *root;
struct mqfs_info *mi;
+   osd_method_t methods[PR_MAXMETHOD] = {
+   [PR_METHOD_REMOVE] = mqfs_prison_remove,
+   };
 
mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
@@ -669,6 +677,7 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
+   mqfs_osd_jail_slot = osd_jail_register(NULL, methods);
return (0);
 }
 
@@ -682,6 +691,7 @@ mqfs_uninit(struct vfsconf *vfc)
 
if (!unloadable)
return (EOPNOTSUPP);
+   osd_jail_deregister(mqfs_osd_jail_slot);
EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
mi = _data;
mqfs_destroy(mi->mi_root);
@@ -801,13 +811,17 @@ found:
  * Search a directory entry
  */
 static struct mqfs_node *
-mqfs_search(struct mqfs_node *pd, const char *name, int len)
+mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred 
*cred)
 {
struct mqfs_node *pn;
+   const void *pr_root;
 
sx_assert(>mn_info->mi_lock, SX_LOCKED);
+   pr_root = cred->cr_prison->pr_root;
LIST_FOREACH(pn, >mn_children, mn_sibling) {
-   if (strncmp(pn->mn_name, name, len) == 0 &&
+   /* Only match names within the same prison root directory */
+   if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) &&
+   strncmp(pn->mn_name, name, len) == 0 &&
pn->mn_name[len] == '\0')
return (pn);
}
@@ -879,7 +893,7 @@ mqfs_lookupx(struct vop_cachedlookup_args *ap)
 
/* named node */
sx_xlock(>mi_lock);
-   pn = mqfs_search(pd, pname, namelen);
+   pn = mqfs_search(pd, pname, namelen, cnp->cn_cred);
if (pn != NULL)

svn commit: r321796 - head/usr.bin/calendar/calendars

2017-07-31 Thread Jamie Gritton 
Author: jamie
Date: Mon Jul 31 15:29:44 2017
New Revision: 321796
URL: https://svnweb.freebsd.org/changeset/base/321796

Log:
  Add myself to the birthday calendar.
  
  Reminded by:  mckusick

Modified:
  head/usr.bin/calendar/calendars/calendar.freebsd

Modified: head/usr.bin/calendar/calendars/calendar.freebsd
==
--- head/usr.bin/calendar/calendars/calendar.freebsdMon Jul 31 15:24:40 
2017(r321795)
+++ head/usr.bin/calendar/calendars/calendar.freebsdMon Jul 31 15:29:44 
2017(r321796)
@@ -180,6 +180,7 @@
 05/19  Sofian Brabez  born in Toulouse, France, 1984
 05/20  Dan Moschuk  died in Burlington, Ontario, Canada, 2010
 05/21  Kris Kennaway  born in Winnipeg, Manitoba, Canada, 
1978
+05/22  James Gritton  born in San Francisco, California, 
United States, 1967
 05/22  Clive Tong-I Lin  born in Changhua, Taiwan, Republic 
of China, 1978
 05/22  Michael Bushkov  born in Rostov-on-Don, Russian 
Federation, 1985
 05/22  Rui Paulo  born in Evora, Portugal, 1986
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316193 - stable/10/usr.sbin/jail

2017-03-29 Thread Jamie Gritton 
Author: jamie
Date: Thu Mar 30 01:37:37 2017
New Revision: 316193
URL: https://svnweb.freebsd.org/changeset/base/316193

Log:
  MFC r316022,r316023:
  
Fix hexadecimal escape codes in jail.conf(5).
  
  PR:   218154
  Submitted by: Masahiro Konishi 

Modified:
  stable/10/usr.sbin/jail/jaillex.l
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/jail/jaillex.l
==
--- stable/10/usr.sbin/jail/jaillex.l   Thu Mar 30 01:37:34 2017
(r316192)
+++ stable/10/usr.sbin/jail/jaillex.l   Thu Mar 30 01:37:37 2017
(r316193)
@@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *++s - '0';
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *++s + (0xA - 'A');
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *++s + (0xa - 'a');
else
break;
@@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *d * 0x10 + (*++s - '0');
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *d * 0x10 + (*++s + (0xA - 'A'));
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *d * 0x10 + (*++s + (0xa - 'a'));
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316192 - stable/11/usr.sbin/jail

2017-03-29 Thread Jamie Gritton 
Author: jamie
Date: Thu Mar 30 01:37:34 2017
New Revision: 316192
URL: https://svnweb.freebsd.org/changeset/base/316192

Log:
  MFC r316022,r316023:
  
Fix hexadecimal escape codes in jail.conf(5).
  
  PR:   218154
  Submitted by: Masahiro Konishi 

Modified:
  stable/11/usr.sbin/jail/jaillex.l
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/usr.sbin/jail/jaillex.l
==
--- stable/11/usr.sbin/jail/jaillex.l   Thu Mar 30 01:30:27 2017
(r316191)
+++ stable/11/usr.sbin/jail/jaillex.l   Thu Mar 30 01:37:34 2017
(r316192)
@@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *++s - '0';
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *++s + (0xA - 'A');
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *++s + (0xa - 'a');
else
break;
@@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *d * 0x10 + (*++s - '0');
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *d * 0x10 + (*++s + (0xA - 'A'));
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *d * 0x10 + (*++s + (0xa - 'a'));
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316023 - head/usr.sbin/jail

2017-03-27 Thread Jamie Gritton 
Author: jamie
Date: Mon Mar 27 13:37:40 2017
New Revision: 316023
URL: https://svnweb.freebsd.org/changeset/base/316023

Log:
  Same as r316022 (Fix hexadecimal escape codes in jail.conf(5)),
  but do it right this time.
  
  Reported by:  Kyle Evans 
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jaillex.l

Modified: head/usr.sbin/jail/jaillex.l
==
--- head/usr.sbin/jail/jaillex.lMon Mar 27 13:27:39 2017
(r316022)
+++ head/usr.sbin/jail/jaillex.lMon Mar 27 13:37:40 2017
(r316023)
@@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *++s - '0';
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *++s + (0xA - 'A');
-   else if (s[1] >= 'a' && s[1] <= 'F')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *++s + (0xa - 'a');
else
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316022 - head/usr.sbin/jail

2017-03-27 Thread Jamie Gritton 
Author: jamie
Date: Mon Mar 27 13:27:39 2017
New Revision: 316022
URL: https://svnweb.freebsd.org/changeset/base/316022

Log:
  Fix hexadecimal escape codes in jail.conf(5).
  
  PR:   218154
  Submitted by: Masahiro Konishi 
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jaillex.l

Modified: head/usr.sbin/jail/jaillex.l
==
--- head/usr.sbin/jail/jaillex.lMon Mar 27 12:34:29 2017
(r316021)
+++ head/usr.sbin/jail/jaillex.lMon Mar 27 13:27:39 2017
(r316022)
@@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *++s - '0';
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *++s + (0xA - 'A');
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'F')
*d = *++s + (0xa - 'a');
else
break;
@@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in
*d = *d * 0x10 + (*++s - '0');
else if (s[1] >= 'A' && s[1] <= 'F')
*d = *d * 0x10 + (*++s + (0xA - 'A'));
-   else if (s[1] >= 'a' && s[1] <= 'a')
+   else if (s[1] >= 'a' && s[1] <= 'f')
*d = *d * 0x10 + (*++s + (0xa - 'a'));
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r310530 - head/usr.sbin/jls

2016-12-24 Thread Jamie Gritton 
Author: jamie
Date: Sat Dec 24 23:51:27 2016
New Revision: 310530
URL: https://svnweb.freebsd.org/changeset/base/310530

Log:
  Improve IP address list representation in libxo output.
  
  Extract decision-making about special-case printing of certain
  jail parameters into a function.
  
  Refactor emitting of IPv4 and IPv6 address lists into a function.
  
  Resulting user-facing changes:
  
  XO_VERSION is bumped to 2.
  
  In verbose mode (-v), IPv4 and IPv6-Addresses are now properly emitted
  as separate lists.
  This only affects the output in encoding styles, i.e. xml and json.
  
  {{
"__version": "1","__version": "2",
"jail-information": {"jail-information": {
  "jail": ["jail": [
{{
  "jid": 166,  "jid": 166,
  "hostname": "foo.com",   "hostname": "foo.com",
  "path": "/var/jail/foo", "path": "/var/jail/foo",
  "name": "foo",   "name": "foo",
  "state": "ACTIVE",   "state": "ACTIVE",
  "cpusetid": 2,   "cpusetid": 2,
  "ipv4_addrs": [  "ipv4_addrs": [
"10.1.1.1",  "10.1.1.1",
"10.1.1.2",  "10.1.1.2",
"10.1.1.3",  |   "10.1.1.3"
 > ],
 > "ipv6_addrs": [
"fe80::1000:1",  "fe80::1000:1",
"fe80::1000:2"   "fe80::1000:2"
  ]]
}}
  ]]
}}
  }}
  
  In -n mode, ip4.addr and ip6.addr are formatted in the encoding styles'
  native list types, e.g. instead of comma-separated lists, JSON arrays
  are printed.
  
  jls -n all --libxo json
   ...
   "ip4.addr": [
  "10.1.1.1",
  "10.1.1.2",
  "10.1.1.3"
],
"ip4.saddrsel": true,
"ip6.addr": [
  "fe80::1000:1",
  "fe80::1000:2"
],
...
  
  jls -n all --libxo xml
...
10.1.1.1
10.1.1.2
10.1.1.3
true
fe80::1000:1
fe80::1000:2
...
  
  PR:   215008
  Submitted by: Christian Schwarz 
  Differential Revision:https://reviews.freebsd.org/D8766

Modified:
  head/usr.sbin/jls/jls.c

Modified: head/usr.sbin/jls/jls.c
==
--- head/usr.sbin/jls/jls.c Sat Dec 24 23:43:14 2016(r310529)
+++ head/usr.sbin/jls/jls.c Sat Dec 24 23:51:27 2016(r310530)
@@ -51,7 +51,7 @@ __FBSDID("$FreeBSD$");
 #defineJP_USER 0x0100
 #defineJP_OPT  0x0200
 
-#define JLS_XO_VERSION "1"
+#define JLS_XO_VERSION "2"
 
 #definePRINT_DEFAULT   0x01
 #definePRINT_HEADER0x02
@@ -77,7 +77,10 @@ static int sort_param(const void *a, con
 static char *noname(const char *name);
 static char *nononame(const char *name);
 static int print_jail(int pflags, int jflags);
+static int special_print(int pflags, struct jailparam *param);
 static void quoted_print(int pflags, char *name, char *value);
+static void emit_ip_addr_list(int af_family, const char *list_name,
+   struct jailparam *param);
 
 int
 main(int argc, char **argv)
@@ -379,8 +382,7 @@ print_jail(int pflags, int jflags)
 {
char *nname, *xo_nname;
char **param_values;
-   int i, ai, jid, count, n, spc;
-   char ipbuf[INET6_ADDRSTRLEN];
+   int i, jid, n, spc;
 
jid = jailparam_get(params, nparams, jflags);
if (jid < 0)
@@ -401,29 +403,13 @@ print_jail(int pflags, int jflags)
n = 6;
 #ifdef INET
if (ip4_ok && !strcmp(params[n].jp_name, "ip4.addr")) {
-   count = params[n].jp_valuelen / sizeof(struct in_addr);
-   for (ai = 0; ai < count; ai++)
-   if (inet_ntop(AF_INET,
-   &((struct in_addr *)params[n].jp_value)[ai],
-   ipbuf, sizeof(ipbuf)) == NULL)
-   xo_err(1, "inet_ntop");
-   else {
-   xo_emit("{P:
}{l:ipv4_addrs}{P:\n}", ipbuf);
-   }
+   emit_ip_addr_list(AF_INET, "ipv4_addrs", params + n);
n++;
}
 #endif
 #ifdef INET6
if (ip6_ok && !strcmp(params[n].jp_name, "ip6.addr")) {
-   count = params[n].jp_valuelen / sizeof(struct in6_addr);
-

svn commit: r302959 - stable/10/etc/rc.d

2016-07-17 Thread Jamie Gritton 
Author: jamie
Date: Sun Jul 17 14:16:21 2016
New Revision: 302959
URL: https://svnweb.freebsd.org/changeset/base/302959

Log:
  MFC r302857:
  
Start jails non-parallel if jail_parallel_start is NO.  This was true
for an explicitly specified jail list; now it's also true for all jails.
  
  PR:   209112

Modified:
  stable/10/etc/rc.d/jail
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/rc.d/jail
==
--- stable/10/etc/rc.d/jail Sun Jul 17 14:15:08 2016(r302958)
+++ stable/10/etc/rc.d/jail Sun Jul 17 14:16:21 2016(r302959)
@@ -433,6 +433,9 @@ jail_start()
command=$jail_program
rc_flags=$jail_flags
command_args="-f $jail_conf -c"
+   if ! checkyesno jail_parallel_start; then
+   command_args="$command_args -p1"
+   fi
_tmp=`mktemp -t jail` || exit 3
if $command $rc_flags $command_args >> $_tmp 2>&1; then
$jail_jls jid name | while read _id _name; do
@@ -440,7 +443,7 @@ jail_start()
echo $_id > /var/run/jail_${_name}.id
done
else
-   tail -1 $_tmp
+   cat $_tmp
fi
rm -f $_tmp
echo '.'
@@ -527,7 +530,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command $rc_flags $command_args $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
@@ -550,7 +553,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command -q -f $_conf -r $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302958 - stable/10/usr.sbin/jail

2016-07-17 Thread Jamie Gritton 
Author: jamie
Date: Sun Jul 17 14:15:08 2016
New Revision: 302958
URL: https://svnweb.freebsd.org/changeset/base/302958

Log:
  MFC r302856:
  
  Fix up the order in which jail creation processes are run, to preserve
  the config file's order in the non-parallel-start case.
  
  PR:   209112

Modified:
  stable/10/usr.sbin/jail/command.c
  stable/10/usr.sbin/jail/jailp.h
  stable/10/usr.sbin/jail/state.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/jail/command.c
==
--- stable/10/usr.sbin/jail/command.c   Sun Jul 17 14:13:47 2016
(r302957)
+++ stable/10/usr.sbin/jail/command.c   Sun Jul 17 14:15:08 2016
(r302958)
@@ -92,9 +92,13 @@ next_command(struct cfjail *j)
int create_failed, stopping;
 
if (paralimit == 0) {
-   requeue(j, );
+   if (j->flags & JF_FROM_RUNQ)
+   requeue_head(j, );
+   else
+   requeue(j, );
return 1;
}
+   j->flags &= ~JF_FROM_RUNQ;
create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED;
stopping = (j->flags & JF_STOP) != 0;
comparam = *j->comparam;
@@ -160,20 +164,23 @@ next_command(struct cfjail *j)
 int
 finish_command(struct cfjail *j)
 {
+   struct cfjail *rj;
int error;
 
if (!(j->flags & JF_SLEEPQ))
return 0;
j->flags &= ~JF_SLEEPQ;
-   if (*j->comparam == IP_STOP_TIMEOUT)
-   {
+   if (*j->comparam == IP_STOP_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
j->pstatus = 0;
return 0;
}
paralimit++;
-   if (!TAILQ_EMPTY())
-   requeue(TAILQ_FIRST(), );
+   if (!TAILQ_EMPTY()) {
+   rj = TAILQ_FIRST();
+   rj->flags |= JF_FROM_RUNQ;
+   requeue(rj, );
+   }
error = 0;
if (j->flags & JF_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
@@ -259,7 +266,7 @@ next_proc(int nonblock)
 }
 
 /*
- * Run a single command for a jail, possible inside the jail.
+ * Run a single command for a jail, possibly inside the jail.
  */
 static int
 run_command(struct cfjail *j)

Modified: stable/10/usr.sbin/jail/jailp.h
==
--- stable/10/usr.sbin/jail/jailp.h Sun Jul 17 14:13:47 2016
(r302957)
+++ stable/10/usr.sbin/jail/jailp.h Sun Jul 17 14:15:08 2016
(r302958)
@@ -64,6 +64,7 @@
 #define JF_PERSIST 0x0100  /* Jail is temporarily persistent */
 #define JF_TIMEOUT 0x0200  /* A command (or process kill) timed out */
 #define JF_SLEEPQ  0x0400  /* Waiting on a command and/or timeout */
+#define JF_FROM_RUNQ   0x0800  /* Has already been on the run queue */
 
 #define JF_OP_MASK (JF_START | JF_SET | JF_STOP)
 #define JF_RESTART (JF_START | JF_STOP)
@@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void);
 extern int start_state(const char *target, int docf, unsigned state,
 int running);
 extern void requeue(struct cfjail *j, struct cfjails *queue);
+extern void requeue_head(struct cfjail *j, struct cfjails *queue);
 
 extern void yyerror(const char *);
 extern int yylex(void);

Modified: stable/10/usr.sbin/jail/state.c
==
--- stable/10/usr.sbin/jail/state.c Sun Jul 17 14:13:47 2016
(r302957)
+++ stable/10/usr.sbin/jail/state.c Sun Jul 17 14:15:08 2016
(r302958)
@@ -398,6 +398,14 @@ requeue(struct cfjail *j, struct cfjails
}
 }
 
+void
+requeue_head(struct cfjail *j, struct cfjails *queue)
+{
+TAILQ_REMOVE(j->queue, j, tq);
+TAILQ_INSERT_HEAD(queue, j, tq);
+j->queue = queue;
+}
+
 /*
  * Add a dependency edge between two jails.
  */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302956 - stable/10/etc/rc.d

2016-07-17 Thread Jamie Gritton 
Author: jamie
Date: Sun Jul 17 14:12:34 2016
New Revision: 302956
URL: https://svnweb.freebsd.org/changeset/base/302956

Log:
  MFC r302855:
  
  Wait for jails to complete startup if jail_parallel_start is YES,
  instead of assuming they'll take less than one second.
  
  PR:   203172
  Submitted by: dmitry2...@yandex.ru

Modified:
  stable/10/etc/rc.d/jail
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/rc.d/jail
==
--- stable/10/etc/rc.d/jail Sun Jul 17 14:07:51 2016(r302955)
+++ stable/10/etc/rc.d/jail Sun Jul 17 14:12:34 2016(r302956)
@@ -422,7 +422,7 @@ jail_status()
 
 jail_start()
 {
-   local _j _jv _jid _jl _id _name
+   local _j _jv _jid _id _name
 
if [ $# = 0 ]; then
return
@@ -452,29 +452,30 @@ jail_start()
# Start jails in parallel and then check jail id when
# jail_parallel_start is YES.
#
-   _jl=
for _j in $@; do
_j=$(echo $_j | tr /. _)
_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
parse_options $_j $_jv || continue
 
-   _jl="$_jl $_j"
eval rc_flags=\${jail_${_jv}_flags:-$jail_flags}
eval command=\${jail_${_jv}_program:-$jail_program}
command_args="-i -f $_conf -c $_j"
-   $command $rc_flags $command_args \
-   >/dev/null 2>&1  /var/run/jail_${_j}.id
-   else
-   echo " cannot start jail " \
-   "\"${_hostname:-${_j}}\": "
-   fi
+   (
+   _tmp=`mktemp -t jail_${_j}` || exit 3
+   if $command $rc_flags $command_args \
+   >> $_tmp 2>&1  /var/run/jail_${_j}.id
+   else
+   echo " cannot start jail " \
+   "\"${_hostname:-${_j}}\": "
+   cat $_tmp
+   fi
+   rm -f $_tmp
+   ) &
done
+   wait
else
#
# Start jails one-by-one when jail_parallel_start is NO.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302955 - stable/11/etc/rc.d

2016-07-17 Thread Jamie Gritton 
Author: jamie
Date: Sun Jul 17 14:07:51 2016
New Revision: 302955
URL: https://svnweb.freebsd.org/changeset/base/302955

Log:
  MFC r302857:
  
Start jails non-parallel if jail_parallel_start is NO.  This was true
for an explicitly specified jail list; now it's also true for all jails.
  
  PR:   209112
  Approved by:  re (gjb)

Modified:
  stable/11/etc/rc.d/jail
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/etc/rc.d/jail
==
--- stable/11/etc/rc.d/jail Sun Jul 17 14:06:17 2016(r302954)
+++ stable/11/etc/rc.d/jail Sun Jul 17 14:07:51 2016(r302955)
@@ -451,6 +451,9 @@ jail_start()
command=$jail_program
rc_flags=$jail_flags
command_args="-f $jail_conf -c"
+   if ! checkyesno jail_parallel_start; then
+   command_args="$command_args -p1"
+   fi
_tmp=`mktemp -t jail` || exit 3
if $command $rc_flags $command_args >> $_tmp 2>&1; then
$jail_jls jid name | while read _id _name; do
@@ -458,7 +461,7 @@ jail_start()
echo $_id > /var/run/jail_${_name}.id
done
else
-   tail -1 $_tmp
+   cat $_tmp
fi
rm -f $_tmp
echo '.'
@@ -545,7 +548,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command $rc_flags $command_args $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
@@ -568,7 +571,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command -q -f $_conf -r $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302954 - stable/11/usr.sbin/jail

2016-07-17 Thread Jamie Gritton 
Author: jamie
Date: Sun Jul 17 14:06:17 2016
New Revision: 302954
URL: https://svnweb.freebsd.org/changeset/base/302954

Log:
  MFC r302856:
  
Fix up the order in which jail creation processes are run, to preserve
the config file's order in the non-parallel-start case.
  
  PR:   209112
  Approved by:  re (gjb)

Modified:
  stable/11/usr.sbin/jail/command.c
  stable/11/usr.sbin/jail/jailp.h
  stable/11/usr.sbin/jail/state.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/usr.sbin/jail/command.c
==
--- stable/11/usr.sbin/jail/command.c   Sun Jul 17 14:05:11 2016
(r302953)
+++ stable/11/usr.sbin/jail/command.c   Sun Jul 17 14:06:17 2016
(r302954)
@@ -92,9 +92,13 @@ next_command(struct cfjail *j)
int create_failed, stopping;
 
if (paralimit == 0) {
-   requeue(j, );
+   if (j->flags & JF_FROM_RUNQ)
+   requeue_head(j, );
+   else
+   requeue(j, );
return 1;
}
+   j->flags &= ~JF_FROM_RUNQ;
create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED;
stopping = (j->flags & JF_STOP) != 0;
comparam = *j->comparam;
@@ -160,20 +164,23 @@ next_command(struct cfjail *j)
 int
 finish_command(struct cfjail *j)
 {
+   struct cfjail *rj;
int error;
 
if (!(j->flags & JF_SLEEPQ))
return 0;
j->flags &= ~JF_SLEEPQ;
-   if (*j->comparam == IP_STOP_TIMEOUT)
-   {
+   if (*j->comparam == IP_STOP_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
j->pstatus = 0;
return 0;
}
paralimit++;
-   if (!TAILQ_EMPTY())
-   requeue(TAILQ_FIRST(), );
+   if (!TAILQ_EMPTY()) {
+   rj = TAILQ_FIRST();
+   rj->flags |= JF_FROM_RUNQ;
+   requeue(rj, );
+   }
error = 0;
if (j->flags & JF_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
@@ -259,7 +266,7 @@ next_proc(int nonblock)
 }
 
 /*
- * Run a single command for a jail, possible inside the jail.
+ * Run a single command for a jail, possibly inside the jail.
  */
 static int
 run_command(struct cfjail *j)

Modified: stable/11/usr.sbin/jail/jailp.h
==
--- stable/11/usr.sbin/jail/jailp.h Sun Jul 17 14:05:11 2016
(r302953)
+++ stable/11/usr.sbin/jail/jailp.h Sun Jul 17 14:06:17 2016
(r302954)
@@ -64,6 +64,7 @@
 #define JF_PERSIST 0x0100  /* Jail is temporarily persistent */
 #define JF_TIMEOUT 0x0200  /* A command (or process kill) timed out */
 #define JF_SLEEPQ  0x0400  /* Waiting on a command and/or timeout */
+#define JF_FROM_RUNQ   0x0800  /* Has already been on the run queue */
 
 #define JF_OP_MASK (JF_START | JF_SET | JF_STOP)
 #define JF_RESTART (JF_START | JF_STOP)
@@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void);
 extern int start_state(const char *target, int docf, unsigned state,
 int running);
 extern void requeue(struct cfjail *j, struct cfjails *queue);
+extern void requeue_head(struct cfjail *j, struct cfjails *queue);
 
 extern void yyerror(const char *);
 extern int yylex(void);

Modified: stable/11/usr.sbin/jail/state.c
==
--- stable/11/usr.sbin/jail/state.c Sun Jul 17 14:05:11 2016
(r302953)
+++ stable/11/usr.sbin/jail/state.c Sun Jul 17 14:06:17 2016
(r302954)
@@ -397,6 +397,14 @@ requeue(struct cfjail *j, struct cfjails
}
 }
 
+void
+requeue_head(struct cfjail *j, struct cfjails *queue)
+{
+TAILQ_REMOVE(j->queue, j, tq);
+TAILQ_INSERT_HEAD(queue, j, tq);
+j->queue = queue;
+}
+
 /*
  * Add a dependency edge between two jails.
  */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302953 - stable/11/etc/rc.d

2016-07-17 Thread Jamie Gritton 
Author: jamie
Date: Sun Jul 17 14:05:11 2016
New Revision: 302953
URL: https://svnweb.freebsd.org/changeset/base/302953

Log:
  MFC r302855:
  
Wait for jails to complete startup if jail_parallel_start is YES,
instead of assuming they'll take less than one second.
  
  PR:   203172
  Submitted by: dmitry2...@yandex.ru
  Approved by:  re (gjb)

Modified:
  stable/11/etc/rc.d/jail
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/etc/rc.d/jail
==
--- stable/11/etc/rc.d/jail Sun Jul 17 13:43:46 2016(r302952)
+++ stable/11/etc/rc.d/jail Sun Jul 17 14:05:11 2016(r302953)
@@ -440,7 +440,7 @@ jail_status()
 
 jail_start()
 {
-   local _j _jv _jid _jl _id _name
+   local _j _jv _jid _id _name
 
if [ $# = 0 ]; then
return
@@ -470,29 +470,30 @@ jail_start()
# Start jails in parallel and then check jail id when
# jail_parallel_start is YES.
#
-   _jl=
for _j in $@; do
_j=$(echo $_j | tr /. _)
_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
parse_options $_j $_jv || continue
 
-   _jl="$_jl $_j"
eval rc_flags=\${jail_${_jv}_flags:-$jail_flags}
eval command=\${jail_${_jv}_program:-$jail_program}
command_args="-i -f $_conf -c $_j"
-   $command $rc_flags $command_args \
-   >/dev/null 2>&1  /var/run/jail_${_j}.id
-   else
-   echo " cannot start jail " \
-   "\"${_hostname:-${_j}}\": "
-   fi
+   (
+   _tmp=`mktemp -t jail_${_j}` || exit 3
+   if $command $rc_flags $command_args \
+   >> $_tmp 2>&1  /var/run/jail_${_j}.id
+   else
+   echo " cannot start jail " \
+   "\"${_hostname:-${_j}}\": "
+   cat $_tmp
+   fi
+   rm -f $_tmp
+   ) &
done
+   wait
else
#
# Start jails one-by-one when jail_parallel_start is NO.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302857 - head/etc/rc.d

2016-07-14 Thread Jamie Gritton 
Author: jamie
Date: Thu Jul 14 20:17:08 2016
New Revision: 302857
URL: https://svnweb.freebsd.org/changeset/base/302857

Log:
  Start jails non-parallel if jail_parallel_start is NO.  This was true
  for an explicitly specified jail list; now it's also true for all jails.
  
  PR:   209112
  MFC after:3 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Thu Jul 14 20:15:55 2016(r302856)
+++ head/etc/rc.d/jail  Thu Jul 14 20:17:08 2016(r302857)
@@ -451,6 +451,9 @@ jail_start()
command=$jail_program
rc_flags=$jail_flags
command_args="-f $jail_conf -c"
+   if ! checkyesno jail_parallel_start; then
+   command_args="$command_args -p1"
+   fi
_tmp=`mktemp -t jail` || exit 3
if $command $rc_flags $command_args >> $_tmp 2>&1; then
$jail_jls jid name | while read _id _name; do
@@ -458,7 +461,7 @@ jail_start()
echo $_id > /var/run/jail_${_name}.id
done
else
-   tail -1 $_tmp
+   cat $_tmp
fi
rm -f $_tmp
echo '.'
@@ -545,7 +548,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command $rc_flags $command_args $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
@@ -568,7 +571,7 @@ jail_stop()
_tmp=`mktemp -t jail` || exit 3
$command -q -f $_conf -r $_j >> $_tmp 2>&1
if $jail_jls -j $_j > /dev/null 2>&1; then
-   tail -1 $_tmp
+   cat $_tmp
else
rm -f /var/run/jail_${_j}.id
fi
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302856 - head/usr.sbin/jail

2016-07-14 Thread Jamie Gritton 
Author: jamie
Date: Thu Jul 14 20:15:55 2016
New Revision: 302856
URL: https://svnweb.freebsd.org/changeset/base/302856

Log:
  Fix up the order in which jail creation processes are run, to preserve
  the config file's order in the non-parallel-start case.
  
  PR:   209112
  MFC after:3 days

Modified:
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/jailp.h
  head/usr.sbin/jail/state.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cThu Jul 14 19:51:54 2016
(r302855)
+++ head/usr.sbin/jail/command.cThu Jul 14 20:15:55 2016
(r302856)
@@ -92,9 +92,13 @@ next_command(struct cfjail *j)
int create_failed, stopping;
 
if (paralimit == 0) {
-   requeue(j, );
+   if (j->flags & JF_FROM_RUNQ)
+   requeue_head(j, );
+   else
+   requeue(j, );
return 1;
}
+   j->flags &= ~JF_FROM_RUNQ;
create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED;
stopping = (j->flags & JF_STOP) != 0;
comparam = *j->comparam;
@@ -160,20 +164,23 @@ next_command(struct cfjail *j)
 int
 finish_command(struct cfjail *j)
 {
+   struct cfjail *rj;
int error;
 
if (!(j->flags & JF_SLEEPQ))
return 0;
j->flags &= ~JF_SLEEPQ;
-   if (*j->comparam == IP_STOP_TIMEOUT)
-   {
+   if (*j->comparam == IP_STOP_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
j->pstatus = 0;
return 0;
}
paralimit++;
-   if (!TAILQ_EMPTY())
-   requeue(TAILQ_FIRST(), );
+   if (!TAILQ_EMPTY()) {
+   rj = TAILQ_FIRST();
+   rj->flags |= JF_FROM_RUNQ;
+   requeue(rj, );
+   }
error = 0;
if (j->flags & JF_TIMEOUT) {
j->flags &= ~JF_TIMEOUT;
@@ -259,7 +266,7 @@ next_proc(int nonblock)
 }
 
 /*
- * Run a single command for a jail, possible inside the jail.
+ * Run a single command for a jail, possibly inside the jail.
  */
 static int
 run_command(struct cfjail *j)

Modified: head/usr.sbin/jail/jailp.h
==
--- head/usr.sbin/jail/jailp.h  Thu Jul 14 19:51:54 2016(r302855)
+++ head/usr.sbin/jail/jailp.h  Thu Jul 14 20:15:55 2016(r302856)
@@ -64,6 +64,7 @@
 #define JF_PERSIST 0x0100  /* Jail is temporarily persistent */
 #define JF_TIMEOUT 0x0200  /* A command (or process kill) timed out */
 #define JF_SLEEPQ  0x0400  /* Waiting on a command and/or timeout */
+#define JF_FROM_RUNQ   0x0800  /* Has already been on the run queue */
 
 #define JF_OP_MASK (JF_START | JF_SET | JF_STOP)
 #define JF_RESTART (JF_START | JF_STOP)
@@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void);
 extern int start_state(const char *target, int docf, unsigned state,
 int running);
 extern void requeue(struct cfjail *j, struct cfjails *queue);
+extern void requeue_head(struct cfjail *j, struct cfjails *queue);
 
 extern void yyerror(const char *);
 extern int yylex(void);

Modified: head/usr.sbin/jail/state.c
==
--- head/usr.sbin/jail/state.c  Thu Jul 14 19:51:54 2016(r302855)
+++ head/usr.sbin/jail/state.c  Thu Jul 14 20:15:55 2016(r302856)
@@ -397,6 +397,14 @@ requeue(struct cfjail *j, struct cfjails
}
 }
 
+void
+requeue_head(struct cfjail *j, struct cfjails *queue)
+{
+TAILQ_REMOVE(j->queue, j, tq);
+TAILQ_INSERT_HEAD(queue, j, tq);
+j->queue = queue;
+}
+
 /*
  * Add a dependency edge between two jails.
  */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r302855 - head/etc/rc.d

2016-07-14 Thread Jamie Gritton 
Author: jamie
Date: Thu Jul 14 19:51:54 2016
New Revision: 302855
URL: https://svnweb.freebsd.org/changeset/base/302855

Log:
  Wait for jails to complete startup if jail_parallel_start is YES,
  instead of assuming they'll take less than one second.
  
  PR:   203172
  Submitted by: dmitry2...@yandex.ru

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Thu Jul 14 18:49:05 2016(r302854)
+++ head/etc/rc.d/jail  Thu Jul 14 19:51:54 2016(r302855)
@@ -440,7 +440,7 @@ jail_status()
 
 jail_start()
 {
-   local _j _jv _jid _jl _id _name
+   local _j _jv _jid _id _name
 
if [ $# = 0 ]; then
return
@@ -470,29 +470,30 @@ jail_start()
# Start jails in parallel and then check jail id when
# jail_parallel_start is YES.
#
-   _jl=
for _j in $@; do
_j=$(echo $_j | tr /. _)
_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
parse_options $_j $_jv || continue
 
-   _jl="$_jl $_j"
eval rc_flags=\${jail_${_jv}_flags:-$jail_flags}
eval command=\${jail_${_jv}_program:-$jail_program}
command_args="-i -f $_conf -c $_j"
-   $command $rc_flags $command_args \
-   >/dev/null 2>&1  /var/run/jail_${_j}.id
-   else
-   echo " cannot start jail " \
-   "\"${_hostname:-${_j}}\": "
-   fi
+   (
+   _tmp=`mktemp -t jail_${_j}` || exit 3
+   if $command $rc_flags $command_args \
+   >> $_tmp 2>&1  /var/run/jail_${_j}.id
+   else
+   echo " cannot start jail " \
+   "\"${_hostname:-${_j}}\": "
+   cat $_tmp
+   fi
+   rm -f $_tmp
+   ) &
done
+   wait
else
#
# Start jails one-by-one when jail_parallel_start is NO.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301910 - stable/10/sys/kern

2016-06-14 Thread Jamie Gritton 
Author: jamie
Date: Wed Jun 15 01:59:55 2016
New Revision: 301910
URL: https://svnweb.freebsd.org/changeset/base/301910

Log:
  MFC r301764:
  
Fix a vnode leak when giving a child jail a too-long path when
debug.disablefullpath=1.

Modified:
  stable/10/sys/kern/kern_jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:58:54 2016
(r301909)
+++ stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:59:55 2016
(r301910)
@@ -1022,6 +1022,7 @@ kern_jail_set(struct thread *td, struct 
if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/")
? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
error = ENAMETOOLONG;
+   vrele(root);
goto done_free;
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301909 - stable/10/sys/kern

2016-06-14 Thread Jamie Gritton 
Author: jamie
Date: Wed Jun 15 01:58:54 2016
New Revision: 301909
URL: https://svnweb.freebsd.org/changeset/base/301909

Log:
  MFC r301760:
  
Re-order some jail parameter reading to prevent a vnode leak.

Modified:
  stable/10/sys/kern/kern_jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:57:22 2016
(r301908)
+++ stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:58:54 2016
(r301909)
@@ -932,6 +932,46 @@ kern_jail_set(struct thread *td, struct 
}
 #endif
 
+   error = vfs_getopt(opts, "osrelease", (void **), );
+   if (error == ENOENT)
+   osrelstr = NULL;
+   else if (error != 0)
+   goto done_free;
+   else {
+   if (flags & JAIL_UPDATE) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osrelease cannot be changed after creation");
+   goto done_errmsg;
+   }
+   if (len == 0 || len >= OSRELEASELEN) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osrelease string must be 1-%d bytes long",
+   OSRELEASELEN - 1);
+   goto done_errmsg;
+   }
+   }
+
+   error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt));
+   if (error == ENOENT)
+   osreldt = 0;
+   else if (error != 0)
+   goto done_free;
+   else {
+   if (flags & JAIL_UPDATE) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osreldate cannot be changed after creation");
+   goto done_errmsg;
+   }
+   if (osreldt == 0) {
+   error = EINVAL;
+   vfs_opterror(opts, "osreldate cannot be 0");
+   goto done_errmsg;
+   }
+   }
+
fullpath_disabled = 0;
root = NULL;
error = vfs_getopt(opts, "path", (void **), );
@@ -987,46 +1027,6 @@ kern_jail_set(struct thread *td, struct 
}
}
 
-   error = vfs_getopt(opts, "osrelease", (void **), );
-   if (error == ENOENT)
-   osrelstr = NULL;
-   else if (error != 0)
-   goto done_free;
-   else {
-   if (flags & JAIL_UPDATE) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osrelease cannot be changed after creation");
-   goto done_errmsg;
-   }
-   if (len == 0 || len >= OSRELEASELEN) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osrelease string must be 1-%d bytes long",
-   OSRELEASELEN - 1);
-   goto done_errmsg;
-   }
-   }
-
-   error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt));
-   if (error == ENOENT)
-   osreldt = 0;
-   else if (error != 0)
-   goto done_free;
-   else {
-   if (flags & JAIL_UPDATE) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osreldate cannot be changed after creation");
-   goto done_errmsg;
-   }
-   if (osreldt == 0) {
-   error = EINVAL;
-   vfs_opterror(opts, "osreldate cannot be 0");
-   goto done_errmsg;
-   }
-   }
-
/*
 * Find the specified jail, or at least its parent.
 * This abuses the file error codes ENOENT and EEXIST.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301908 - stable/10/sys/kern

2016-06-14 Thread Jamie Gritton 
Author: jamie
Date: Wed Jun 15 01:57:22 2016
New Revision: 301908
URL: https://svnweb.freebsd.org/changeset/base/301908

Log:
  MFC r301758:
  
Clean up some logic in jail error messages, replacing a missing test and
a redundant test with a single correct test.

Modified:
  stable/10/sys/kern/kern_jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:56:20 2016
(r301907)
+++ stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:57:22 2016
(r301908)
@@ -1943,19 +1943,17 @@ kern_jail_set(struct thread *td, struct 
vrele(root);
  done_errmsg:
if (error) {
-   vfs_getopt(opts, "errmsg", (void **), _len);
-   if (errmsg_len > 0) {
+   if (vfs_getopt(opts, "errmsg", (void **),
+   _len) == 0 && errmsg_len > 0) {
errmsg_pos = 2 * vfs_getopt_pos(opts, "errmsg") + 1;
-   if (errmsg_pos > 0) {
-   if (optuio->uio_segflg == UIO_SYSSPACE)
-   bcopy(errmsg,
-  optuio->uio_iov[errmsg_pos].iov_base,
-  errmsg_len);
-   else
-   copyout(errmsg,
-  optuio->uio_iov[errmsg_pos].iov_base,
-  errmsg_len);
-   }
+   if (optuio->uio_segflg == UIO_SYSSPACE)
+   bcopy(errmsg,
+   optuio->uio_iov[errmsg_pos].iov_base,
+   errmsg_len);
+   else
+   copyout(errmsg,
+   optuio->uio_iov[errmsg_pos].iov_base,
+   errmsg_len);
}
}
  done_free:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301907 - stable/10/sys/kern

2016-06-14 Thread Jamie Gritton 
Author: jamie
Date: Wed Jun 15 01:56:20 2016
New Revision: 301907
URL: https://svnweb.freebsd.org/changeset/base/301907

Log:
  MFC r301745:
  
Make sure the OSD methods for jail set and remove can't run concurrently,
by holding allprison_lock exclusively (even if only for a moment before
downgrading) on all paths that call PR_METHOD_REMOVE.  Since they may run
on a downgraded lock, it's still possible for them to run concurrently
with PR_METHOD_GET, which will need to use the prison lock.

Modified:
  stable/10/sys/kern/kern_jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:54:17 2016
(r301906)
+++ stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:56:20 2016
(r301907)
@@ -2400,7 +2400,14 @@ sys_jail_attach(struct thread *td, struc
if (error)
return (error);
 
-   sx_slock(_lock);
+   /*
+* Start with exclusive hold on allprison_lock to ensure that a possible
+* PR_METHOD_REMOVE call isn't concurrent with jail_set or jail_remove.
+* But then immediately downgrade it since we don't need to stop
+* readers.
+*/
+   sx_xlock(_lock);
+   sx_downgrade(_lock);
pr = prison_find_child(td->td_ucred->cr_prison, uap->jid);
if (pr == NULL) {
sx_sunlock(_lock);
@@ -2618,9 +2625,11 @@ prison_complete(void *context, int pendi
 {
struct prison *pr = context;
 
+   sx_xlock(_lock);
mtx_lock(>pr_mtx);
prison_deref(pr, pr->pr_uref
-   ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED);
+   ? PD_DEREF | PD_DEUREF | PD_LOCKED | PD_LIST_XLOCKED
+   : PD_LOCKED | PD_LIST_XLOCKED);
 }
 
 /*
@@ -2664,13 +2673,8 @@ prison_deref(struct prison *pr, int flag
 */
if (lasturef) {
if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) {
-   if (ref > 1) {
-   sx_slock(_lock);
-   flags |= PD_LIST_SLOCKED;
-   } else {
-   sx_xlock(_lock);
-   flags |= PD_LIST_XLOCKED;
-   }
+   sx_xlock(_lock);
+   flags |= PD_LIST_XLOCKED;
}
(void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
mtx_lock(>pr_mtx);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301906 - stable/10/sys/kern

2016-06-14 Thread Jamie Gritton 
Author: jamie
Date: Wed Jun 15 01:54:17 2016
New Revision: 301906
URL: https://svnweb.freebsd.org/changeset/base/301906

Log:
  MFC r301737:
  
Remove a comment that was part of copied code, and is misleading in
the new location.

Modified:
  stable/10/sys/kern/sysv_msg.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/sysv_msg.c
==
--- stable/10/sys/kern/sysv_msg.c   Wed Jun 15 01:49:01 2016
(r301905)
+++ stable/10/sys/kern/sysv_msg.c   Wed Jun 15 01:54:17 2016
(r301906)
@@ -326,12 +326,6 @@ msgunload()
 #endif
 
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
-   /*
-* Look for an unallocated and unlocked msqid_ds.
-* msqid_ds's can be locked by msgsnd or msgrcv while
-* they are copying the message in/out.  We can't
-* re-use the entry until they release it.
-*/
msqkptr = [msqid];
if (msqkptr->u.msg_qbytes != 0 ||
(msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301905 - in stable/10: lib/libc/sys sys/kern

2016-06-14 Thread Jamie Gritton 
Author: jamie
Date: Wed Jun 15 01:49:01 2016
New Revision: 301905
URL: https://svnweb.freebsd.org/changeset/base/301905

Log:
  MFC r300983:
  
Mark jail(2), and the sysctls that it (and only it) uses as deprecated.
jail(8) has long used jail_set(2), and those sysctl only cause confusion.

Modified:
  stable/10/lib/libc/sys/jail.2
  stable/10/sys/kern/kern_jail.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/lib/libc/sys/jail.2
==
--- stable/10/lib/libc/sys/jail.2   Wed Jun 15 01:42:53 2016
(r301904)
+++ stable/10/lib/libc/sys/jail.2   Wed Jun 15 01:49:01 2016
(r301905)
@@ -106,7 +106,7 @@ pointers can be set to an arrays of IPv4
 the prison, or NULL if none.
 IPv4 addresses must be in network byte order.
 .Pp
-This is equivalent to the
+This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
 system call (see below), with the parameters
 .Va path ,

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:42:53 2016
(r301904)
+++ stable/10/sys/kern/kern_jail.c  Wed Jun 15 01:49:01 2016
(r301905)
@@ -4306,7 +4306,7 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vn
 #if defined(INET) || defined(INET6)
 SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW,
 _max_af_ips, 0,
-"Number of IP addresses a jail may have at most per address family");
+"Number of IP addresses a jail may have at most per address family 
(deprecated)");
 #endif
 
 /*
@@ -4346,59 +4346,59 @@ sysctl_jail_default_allow(SYSCTL_HANDLER
 SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I",
-"Processes in jail can set their hostnames");
+"Processes in jail can set their hostnames (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I",
-"Processes in jail are limited to creating UNIX/IP/route sockets only");
+"Processes in jail are limited to creating UNIX/IP/route sockets only 
(deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I",
-"Processes in jail can use System V IPC primitives");
+"Processes in jail can use System V IPC primitives (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I",
-"Prison root can create raw sockets");
+"Prison root can create raw sockets (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I",
-"Processes in jail can alter system file flags");
+"Processes in jail can alter system file flags (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I",
-"Processes in jail can mount/unmount jail-friendly file systems");
+"Processes in jail can mount/unmount jail-friendly file systems 
(deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_devfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the devfs file system");
+"Processes in jail can mount the devfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_fdescfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_FDESCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the fdescfs file system");
+"Processes in jail can mount the fdescfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the nullfs file system");
+"Processes in jail can mount the nullfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_procfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_PROCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the procfs file system");
+"Processes in jail can mount the procfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_linprocfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_LINPROCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the

svn commit: r301764 - head/sys/kern

2016-06-09 Thread Jamie Gritton 
Author: jamie
Date: Thu Jun  9 21:59:11 2016
New Revision: 301764
URL: https://svnweb.freebsd.org/changeset/base/301764

Log:
  Fix a vnode leak when giving a child jail a too-long path when
  debug.disablefullpath=1.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 21:57:34 2016(r301763)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 21:59:11 2016(r301764)
@@ -1010,6 +1010,7 @@ kern_jail_set(struct thread *td, struct 
if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/")
? strlen(mypr->pr_path) : 0) > MAXPATHLEN) {
error = ENAMETOOLONG;
+   vrele(root);
goto done_free;
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301760 - head/sys/kern

2016-06-09 Thread Jamie Gritton 
Author: jamie
Date: Thu Jun  9 20:43:14 2016
New Revision: 301760
URL: https://svnweb.freebsd.org/changeset/base/301760

Log:
  Re-order some jail parameter reading to prevent a vnode leak.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 20:40:12 2016(r301759)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 20:43:14 2016(r301760)
@@ -920,6 +920,46 @@ kern_jail_set(struct thread *td, struct 
}
 #endif
 
+   error = vfs_getopt(opts, "osrelease", (void **), );
+   if (error == ENOENT)
+   osrelstr = NULL;
+   else if (error != 0)
+   goto done_free;
+   else {
+   if (flags & JAIL_UPDATE) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osrelease cannot be changed after creation");
+   goto done_errmsg;
+   }
+   if (len == 0 || len >= OSRELEASELEN) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osrelease string must be 1-%d bytes long",
+   OSRELEASELEN - 1);
+   goto done_errmsg;
+   }
+   }
+
+   error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt));
+   if (error == ENOENT)
+   osreldt = 0;
+   else if (error != 0)
+   goto done_free;
+   else {
+   if (flags & JAIL_UPDATE) {
+   error = EINVAL;
+   vfs_opterror(opts,
+   "osreldate cannot be changed after creation");
+   goto done_errmsg;
+   }
+   if (osreldt == 0) {
+   error = EINVAL;
+   vfs_opterror(opts, "osreldate cannot be 0");
+   goto done_errmsg;
+   }
+   }
+
fullpath_disabled = 0;
root = NULL;
error = vfs_getopt(opts, "path", (void **), );
@@ -975,46 +1015,6 @@ kern_jail_set(struct thread *td, struct 
}
}
 
-   error = vfs_getopt(opts, "osrelease", (void **), );
-   if (error == ENOENT)
-   osrelstr = NULL;
-   else if (error != 0)
-   goto done_free;
-   else {
-   if (flags & JAIL_UPDATE) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osrelease cannot be changed after creation");
-   goto done_errmsg;
-   }
-   if (len == 0 || len >= OSRELEASELEN) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osrelease string must be 1-%d bytes long",
-   OSRELEASELEN - 1);
-   goto done_errmsg;
-   }
-   }
-
-   error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt));
-   if (error == ENOENT)
-   osreldt = 0;
-   else if (error != 0)
-   goto done_free;
-   else {
-   if (flags & JAIL_UPDATE) {
-   error = EINVAL;
-   vfs_opterror(opts,
-   "osreldate cannot be changed after creation");
-   goto done_errmsg;
-   }
-   if (osreldt == 0) {
-   error = EINVAL;
-   vfs_opterror(opts, "osreldate cannot be 0");
-   goto done_errmsg;
-   }
-   }
-
/*
 * Find the specified jail, or at least its parent.
 * This abuses the file error codes ENOENT and EEXIST.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301758 - head/sys/kern

2016-06-09 Thread Jamie Gritton 
Author: jamie
Date: Thu Jun  9 20:39:57 2016
New Revision: 301758
URL: https://svnweb.freebsd.org/changeset/base/301758

Log:
  Clean up some logic in jail error messages, replacing a missing test and
  a redundant test with a single correct test.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 20:23:30 2016(r301757)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 20:39:57 2016(r301758)
@@ -1929,19 +1929,17 @@ kern_jail_set(struct thread *td, struct 
vrele(root);
  done_errmsg:
if (error) {
-   vfs_getopt(opts, "errmsg", (void **), _len);
-   if (errmsg_len > 0) {
+   if (vfs_getopt(opts, "errmsg", (void **),
+   _len) == 0 && errmsg_len > 0) {
errmsg_pos = 2 * vfs_getopt_pos(opts, "errmsg") + 1;
-   if (errmsg_pos > 0) {
-   if (optuio->uio_segflg == UIO_SYSSPACE)
-   bcopy(errmsg,
-  optuio->uio_iov[errmsg_pos].iov_base,
-  errmsg_len);
-   else
-   copyout(errmsg,
-  optuio->uio_iov[errmsg_pos].iov_base,
-  errmsg_len);
-   }
+   if (optuio->uio_segflg == UIO_SYSSPACE)
+   bcopy(errmsg,
+   optuio->uio_iov[errmsg_pos].iov_base,
+   errmsg_len);
+   else
+   copyout(errmsg,
+   optuio->uio_iov[errmsg_pos].iov_base,
+   errmsg_len);
}
}
  done_free:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301745 - head/sys/kern

2016-06-09 Thread Jamie Gritton 
Author: jamie
Date: Thu Jun  9 16:41:41 2016
New Revision: 301745
URL: https://svnweb.freebsd.org/changeset/base/301745

Log:
  Make sure the OSD methods for jail set and remove can't run concurrently,
  by holding allprison_lock exclusively (even if only for a moment before
  downgrading) on all paths that call PR_METHOD_REMOVE.  Since they may run
  on a downgraded lock, it's still possible for them to run concurrently
  with PR_METHOD_GET, which will need to use the prison lock.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Thu Jun  9 16:30:27 2016(r301744)
+++ head/sys/kern/kern_jail.c   Thu Jun  9 16:41:41 2016(r301745)
@@ -2383,7 +2383,14 @@ sys_jail_attach(struct thread *td, struc
if (error)
return (error);
 
-   sx_slock(_lock);
+   /*
+* Start with exclusive hold on allprison_lock to ensure that a possible
+* PR_METHOD_REMOVE call isn't concurrent with jail_set or jail_remove.
+* But then immediately downgrade it since we don't need to stop
+* readers.
+*/
+   sx_xlock(_lock);
+   sx_downgrade(_lock);
pr = prison_find_child(td->td_ucred->cr_prison, uap->jid);
if (pr == NULL) {
sx_sunlock(_lock);
@@ -2601,9 +2608,11 @@ prison_complete(void *context, int pendi
 {
struct prison *pr = context;
 
+   sx_xlock(_lock);
mtx_lock(>pr_mtx);
prison_deref(pr, pr->pr_uref
-   ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED);
+   ? PD_DEREF | PD_DEUREF | PD_LOCKED | PD_LIST_XLOCKED
+   : PD_LOCKED | PD_LIST_XLOCKED);
 }
 
 /*
@@ -2647,13 +2656,8 @@ prison_deref(struct prison *pr, int flag
 */
if (lasturef) {
if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) {
-   if (ref > 1) {
-   sx_slock(_lock);
-   flags |= PD_LIST_SLOCKED;
-   } else {
-   sx_xlock(_lock);
-   flags |= PD_LIST_XLOCKED;
-   }
+   sx_xlock(_lock);
+   flags |= PD_LIST_XLOCKED;
}
(void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
mtx_lock(>pr_mtx);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r301737 - head/sys/kern

2016-06-09 Thread Jamie Gritton 
Author: jamie
Date: Thu Jun  9 15:34:33 2016
New Revision: 301737
URL: https://svnweb.freebsd.org/changeset/base/301737

Log:
  Remove a comment that was part of copied code, and is misleading in
  the new location.

Modified:
  head/sys/kern/sysv_msg.c

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cThu Jun  9 15:19:48 2016(r301736)
+++ head/sys/kern/sysv_msg.cThu Jun  9 15:34:33 2016(r301737)
@@ -320,12 +320,6 @@ msgunload()
 #endif
 
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
-   /*
-* Look for an unallocated and unlocked msqid_ds.
-* msqid_ds's can be locked by msgsnd or msgrcv while
-* they are copying the message in/out.  We can't
-* re-use the entry until they release it.
-*/
msqkptr = [msqid];
if (msqkptr->u.msg_qbytes != 0 ||
(msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r300983 - in head: lib/libc/sys sys/kern

2016-05-29 Thread Jamie Gritton 
Author: jamie
Date: Mon May 30 05:21:24 2016
New Revision: 300983
URL: https://svnweb.freebsd.org/changeset/base/300983

Log:
  Mark jail(2), and the sysctls that it (and only it) uses as deprecated.
  jail(8) has long used jail_set(2), and those sysctl only cause confusion.

Modified:
  head/lib/libc/sys/jail.2
  head/sys/kern/kern_jail.c

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Mon May 30 04:48:06 2016(r300982)
+++ head/lib/libc/sys/jail.2Mon May 30 05:21:24 2016(r300983)
@@ -106,7 +106,7 @@ pointers can be set to an arrays of IPv4
 the prison, or NULL if none.
 IPv4 addresses must be in network byte order.
 .Pp
-This is equivalent to the
+This is equivalent to, and deprecated in favor of, the
 .Fn jail_set
 system call (see below), with the parameters
 .Va path ,

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon May 30 04:48:06 2016(r300982)
+++ head/sys/kern/kern_jail.c   Mon May 30 05:21:24 2016(r300983)
@@ -4276,7 +4276,7 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vn
 #if defined(INET) || defined(INET6)
 SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW,
 _max_af_ips, 0,
-"Number of IP addresses a jail may have at most per address family");
+"Number of IP addresses a jail may have at most per address family 
(deprecated)");
 #endif
 
 /*
@@ -4316,59 +4316,59 @@ sysctl_jail_default_allow(SYSCTL_HANDLER
 SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I",
-"Processes in jail can set their hostnames");
+"Processes in jail can set their hostnames (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I",
-"Processes in jail are limited to creating UNIX/IP/route sockets only");
+"Processes in jail are limited to creating UNIX/IP/route sockets only 
(deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I",
-"Processes in jail can use System V IPC primitives");
+"Processes in jail can use System V IPC primitives (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I",
-"Prison root can create raw sockets");
+"Prison root can create raw sockets (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I",
-"Processes in jail can alter system file flags");
+"Processes in jail can alter system file flags (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I",
-"Processes in jail can mount/unmount jail-friendly file systems");
+"Processes in jail can mount/unmount jail-friendly file systems 
(deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_devfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the devfs file system");
+"Processes in jail can mount the devfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_fdescfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_FDESCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the fdescfs file system");
+"Processes in jail can mount the fdescfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the nullfs file system");
+"Processes in jail can mount the nullfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_procfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_PROCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the procfs file system");
+"Processes in jail can mount the procfs file system (deprecated)");
 SYSCTL_PROC(_security_jail, OID_AUTO, mount_linprocfs_allowed,
 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
 NULL, PR_ALLOW_MOUNT_LINPROCFS, sysctl_jail_default_allow, "I",
-"Processes in jail can mount the linprocfs file system");
+"Processes in jail can mount the linprocfs file system (deprecated)");
 SYSCTL_PROC(_security_jail,

svn commit: r298889 - stable/10/usr.sbin/jail

2016-05-01 Thread Jamie Gritton 
Author: jamie
Date: Sun May  1 16:49:32 2016
New Revision: 298889
URL: https://svnweb.freebsd.org/changeset/base/298889

Log:
  MFC r29: typo
  
  Submitted by: Jimmy Olgeni

Modified:
  stable/10/usr.sbin/jail/jail.8
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/jail/jail.8
==
--- stable/10/usr.sbin/jail/jail.8  Sun May  1 16:48:03 2016
(r29)
+++ stable/10/usr.sbin/jail/jail.8  Sun May  1 16:49:32 2016
(r298889)
@@ -653,7 +653,7 @@ its keys.
 If set to
 .Dq disable ,
 the jail cannot perform any sysvmsg-related system calls.
-.It Va sysvsem, sysvmsg
+.It Va sysvsem, sysvshm
 Allow access to SYSV IPC semaphore and shared memory primitives, in the
 same manner as
 .Va sysvmsg.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298888 - head/usr.sbin/jail

2016-05-01 Thread Jamie Gritton 
Author: jamie
Date: Sun May  1 16:48:03 2016
New Revision: 29
URL: https://svnweb.freebsd.org/changeset/base/29

Log:
  typo
  
  Submitted by: Jimmy Olgeni

Modified:
  head/usr.sbin/jail/jail.8

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Sun May  1 16:43:22 2016(r298887)
+++ head/usr.sbin/jail/jail.8   Sun May  1 16:48:03 2016(r29)
@@ -653,7 +653,7 @@ its keys.
 If set to
 .Dq disable ,
 the jail cannot perform any sysvmsg-related system calls.
-.It Va sysvsem, sysvmsg
+.It Va sysvsem, sysvshm
 Allow access to SYSV IPC semaphore and shared memory primitives, in the
 same manner as
 .Va sysvmsg.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298863 - in head: share/man/man5 usr.sbin/jail

2016-04-30 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 30 21:27:41 2016
New Revision: 298863
URL: https://svnweb.freebsd.org/changeset/base/298863

Log:
  Clarify when happens when there is a "depend" parameter in jail.conf,
  and how this affects the "jail_list" option in rc.conf.

Modified:
  head/share/man/man5/rc.conf.5
  head/usr.sbin/jail/jail.8

Modified: head/share/man/man5/rc.conf.5
==
--- head/share/man/man5/rc.conf.5   Sat Apr 30 20:05:23 2016
(r298862)
+++ head/share/man/man5/rc.conf.5   Sat Apr 30 21:27:41 2016
(r298863)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd April 29, 2016
+.Dd April 30, 2016
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -3868,6 +3868,9 @@ The names specified in this list control
 instances missing from
 .Va jail_list
 must be started manually.
+Note that a jail's
+.Va depend
+parameter in the configuration file may override this list.
 .It Va jail_reverse_stop
 .Pq Vt bool
 When set to

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Sat Apr 30 20:05:23 2016(r298862)
+++ head/usr.sbin/jail/jail.8   Sat Apr 30 21:27:41 2016(r298863)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd April 25, 2016
+.Dd April 30, 2016
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -838,13 +838,14 @@ Allow making changes to a
 jail.
 .It Va depend
 Specify a jail (or jails) that this jail depends on.
-Any such jails must be fully created, up to the last
+When this jail is to be created, any jail(s) it depends on must already exist.
+If not, they will be created automatically, up to the completion of the last
 .Va exec.poststart
 command, before any action will taken to create this jail.
 When jails are removed the opposite is true:
-this jail must be fully removed, up to the last
+this jail will be removed, up to the last
 .Va exec.poststop
-command, before the jail(s) it depends on are stopped.
+command, before any jail(s) it depends on are stopped.
 .El
 .Sh EXAMPLES
 Jails are typically set up using one of two philosophies: either to
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298852 - in stable/10: etc/defaults etc/rc.d share/man/man5

2016-04-30 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 30 15:06:18 2016
New Revision: 298852
URL: https://svnweb.freebsd.org/changeset/base/298852

Log:
  MFC r295471:
  
Add new rc.conf parameter "jail_reverse_stop"
  
When a user defines "jail_list" in rc.conf the jails are started in the
order defined. Currently the jails are not are stopped in reverse order
which may break dependencies between jails/services and prevent a clean
shutdown. The new parameter "jail_reverse_stop" will shutdown jails in
"jail_list" in reverse order when set to "YES".
  
Please note that this does not affect manual invocation of the jail rc
script. If a user runs the command
  
  # service jail stop jail1 jail2 jail3
  
the jails will be stopped in exactly the order specified regardless of
jail_reverse_stop being defined in rc.conf.
  
  MFC r295568:
  
Document the new jail_reverse_stop parameter
  
While here clean up the documentation for jail_list
  
  PR:   196152
  Submitted by: feld

Modified:
  stable/10/etc/defaults/rc.conf
  stable/10/etc/rc.d/jail
  stable/10/share/man/man5/rc.conf.5
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/defaults/rc.conf
==
--- stable/10/etc/defaults/rc.conf  Sat Apr 30 14:48:30 2016
(r298851)
+++ stable/10/etc/defaults/rc.conf  Sat Apr 30 15:06:18 2016
(r298852)
@@ -700,6 +700,7 @@ rctl_rules="/etc/rctl.conf" # rctl(8) ru
 jail_enable="NO"   # Set to NO to disable starting of any jails
 jail_parallel_start="NO"   # Start jails in the background
 jail_list=""   # Space separated list of names of jails
+jail_reverse_stop="NO" # Stop jails in reverse order
 
 ##
 ### Define source_rc_confs, the mechanism used by /etc/rc.* ##

Modified: stable/10/etc/rc.d/jail
==
--- stable/10/etc/rc.d/jail Sat Apr 30 14:48:30 2016(r298851)
+++ stable/10/etc/rc.d/jail Sat Apr 30 15:06:18 2016(r298852)
@@ -517,7 +517,11 @@ jail_stop()
command=$jail_program
rc_flags=$jail_flags
command_args="-f $jail_conf -r"
-   $jail_jls name | while read _j; do
+   if checkyesno jail_reverse_stop; then
+   $jail_jls name | tail -r
+   else
+   $jail_jls name
+   fi | while read _j; do
echo -n " $_j"
_tmp=`mktemp -t jail` || exit 3
$command $rc_flags $command_args $_j >> $_tmp 2>&1
@@ -532,6 +536,7 @@ jail_stop()
return
;;
esac
+   checkyesno jail_reverse_stop && set -- $(reverse_list $@)
for _j in $@; do
_j=$(echo $_j | tr /. _)
_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
@@ -567,5 +572,6 @@ jail_warn()
 load_rc_config $name
 case $# in
 1) run_rc_command $@ ${jail_list:-_ALL} ;;
-*) run_rc_command $@ ;;
+*) jail_reverse_stop="no"
+   run_rc_command $@ ;;
 esac

Modified: stable/10/share/man/man5/rc.conf.5
==
--- stable/10/share/man/man5/rc.conf.5  Sat Apr 30 14:48:30 2016
(r298851)
+++ stable/10/share/man/man5/rc.conf.5  Sat Apr 30 15:06:18 2016
(r298852)
@@ -3938,20 +3938,22 @@ for every jail in
 .Va jail_list .
 .It Va jail_list
 .Pq Vt str
-A space separated list of names for jails.
-If this variable is empty,
-all of
+A space-delimited list of jail names.
+When left empty, all of the
 .Xr jail 8
-instances in the configuration file will be configured.
-This is purely a configuration aid to help identify and
-configure multiple jails.
-The names specified in this list will be used to
-identify settings common to an instance of a jail,
-and should contain alphanumeric characters only.
-The literal jail name of
-.Dq Li 0
-.Pq zero
-is not allowed.
+instances defined in the configuration file are started.
+The names specified in this list control the jail startup order.
+.Xr jail 8
+instances missing from
+.Va jail_list
+must be started manually.
+.It Va jail_reverse_stop
+.Pq Vt bool
+When set to
+.Dq Li YES ,
+all configured jails in
+.Va jail_list
+are stopped in reverse order.
 .It Va jail_* variables
 Note that older releases supported per-jail configuration via
 .Xr rc.conf 5
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298835 - in stable/10: sys/kern usr.sbin/jail

2016-04-29 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 30 04:02:32 2016
New Revision: 298835
URL: https://svnweb.freebsd.org/changeset/base/298835

Log:
  MFC r298584:
  
Note the existence of module-specific jail paramters, starting with the
linux.* parameters when linux emulation is loaded.
  
  MFC r298585:
  
Encapsulate SYSV IPC objects in jails.  Define per-module parameters
sysvmsg, sysvsem, and sysvshm, with the following bahavior:
  
inherit: allow full access to the IPC primitives.  This is the same as
the current setup with allow.sysvipc is on.  Jails and the base system
can see (and moduly) each other's objects, which is generally considered
a bad thing (though may be useful in some circumstances).
  
disable: all no access, same as the current setup with allow.sysvipc off.
  
new: A jail may see use the IPC objects that it has created.  It also
gets its own IPC key namespace, so different jails may have their own
objects using the same key value.  The parent jail (or base system) can
see the jail's IPC objects, but not its keys.
  
  PR:   48471

Modified:
  stable/10/sys/kern/sysv_msg.c
  stable/10/sys/kern/sysv_sem.c
  stable/10/sys/kern/sysv_shm.c
  stable/10/usr.sbin/jail/jail.8
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/sysv_msg.c
==
--- stable/10/sys/kern/sysv_msg.c   Sat Apr 30 04:01:22 2016
(r298834)
+++ stable/10/sys/kern/sysv_msg.c   Sat Apr 30 04:02:32 2016
(r298835)
@@ -62,8 +62,10 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -80,6 +82,14 @@ static MALLOC_DEFINE(M_MSG, "msg", "SVID
 static int msginit(void);
 static int msgunload(void);
 static int sysvmsg_modload(struct module *, int, void *);
+static void msq_remove(struct msqid_kernel *);
+static struct prison *msg_find_prison(struct ucred *);
+static int msq_prison_cansee(struct prison *, struct msqid_kernel *);
+static int msg_prison_check(void *, void *);
+static int msg_prison_set(void *, void *);
+static int msg_prison_get(void *, void *);
+static int msg_prison_remove(void *, void *);
+static void msg_prison_cleanup(struct prison *);
 
 
 #ifdef MSG_DEBUG
@@ -155,6 +165,7 @@ static struct msgmap *msgmaps;  /* MSGSEG
 static struct msg *msghdrs;/* MSGTQL msg headers */
 static struct msqid_kernel *msqids;/* MSGMNI msqid_kernel struct's */
 static struct mtx msq_mtx; /* global mutex for message queues. */
+static unsigned msg_prison_slot;/* prison OSD slot */
 
 static struct syscall_helper_data msg_syscalls[] = {
SYSCALL_INIT_HELPER(msgctl),
@@ -194,7 +205,15 @@ static struct syscall_helper_data msg32_
 static int
 msginit()
 {
+   struct prison *pr;
+   void *rsv;
int i, error;
+   osd_method_t methods[PR_MAXMETHOD] = {
+   [PR_METHOD_CHECK] = msg_prison_check,
+   [PR_METHOD_SET] =   msg_prison_set,
+   [PR_METHOD_GET] =   msg_prison_get,
+   [PR_METHOD_REMOVE] =msg_prison_remove,
+   };
 
TUNABLE_INT_FETCH("kern.ipc.msgseg", );
TUNABLE_INT_FETCH("kern.ipc.msgssz", );
@@ -258,6 +277,29 @@ msginit()
}
mtx_init(_mtx, "msq", NULL, MTX_DEF);
 
+   /* Set current prisons according to their allow.sysvipc. */
+   msg_prison_slot = osd_jail_register(NULL, methods);
+   rsv = osd_reserve(msg_prison_slot);
+   prison_lock();
+   (void)osd_jail_set_reserved(, msg_prison_slot, rsv, );
+   prison_unlock();
+   rsv = NULL;
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list) {
+   if (rsv == NULL)
+   rsv = osd_reserve(msg_prison_slot);
+   prison_lock(pr);
+   if ((pr->pr_allow & PR_ALLOW_SYSVIPC) && pr->pr_ref > 0) {
+   (void)osd_jail_set_reserved(pr, msg_prison_slot, rsv,
+   );
+   rsv = NULL;
+   }
+   prison_unlock(pr);
+   }
+   if (rsv != NULL)
+   osd_free_reserved(rsv);
+   sx_sunlock(_lock);
+
error = syscall_helper_register(msg_syscalls);
if (error != 0)
return (error);
@@ -298,6 +340,8 @@ msgunload()
if (msqid != msginfo.msgmni)
return (EBUSY);
 
+   if (msg_prison_slot != 0)
+   osd_jail_deregister(msg_prison_slot);
 #ifdef MAC
for (i = 0; i < msginfo.msgtql; i++)
mac_sysvmsg_destroy([i]);
@@ -372,6 +416,67 @@ msg_freehdr(msghdr)
 #endif
 }
 
+static void
+msq_remove(struct msqid_kernel *msqkptr)
+{
+   struct msg *msghdr;
+
+   racct_sub_cred(msqkptr->cred, RACCT_NMSGQ, 1);
+   racct_sub_cred(msqkptr->cred, RACCT_MSGQQUEUED, msqkptr->u.msg_qnum);
+   racct_sub_cred(msqkptr->cred, RACCT_MSGQSIZE,

svn commit: r298834 - in stable/10: share/man/man9 sys/kern sys/sys

2016-04-29 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 30 04:01:22 2016
New Revision: 298834
URL: https://svnweb.freebsd.org/changeset/base/298834

Log:
  MFC r297367:
  
Move the various per-type arrays of OSD data into a single structure array.
  
  MFC r297422:
  
Add osd_reserve() and osd_set_reserved(), which allow M_WAITOK allocation
of an OSD array.

Modified:
  stable/10/share/man/man9/osd.9
  stable/10/sys/kern/kern_osd.c
  stable/10/sys/sys/osd.h
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/share/man/man9/osd.9
==
--- stable/10/share/man/man9/osd.9  Sat Apr 30 03:19:07 2016
(r298833)
+++ stable/10/share/man/man9/osd.9  Sat Apr 30 04:01:22 2016
(r298834)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 5, 2011
+.Dd March 30, 2016
 .Dt OSD 9
 .Os
 .Sh NAME
@@ -33,6 +33,9 @@
 .Nm osd_register ,
 .Nm osd_deregister ,
 .Nm osd_set ,
+.Nm osd_reserve ,
+.Nm osd_set_reserved ,
+.Nm osd_free_reserved ,
 .Nm osd_get ,
 .Nm osd_del ,
 .Nm osd_call ,
@@ -63,6 +66,22 @@
 .Fa "void *value"
 .Fc
 .Ft void *
+.Fo osd_reserve
+.Fa "u_int slot"
+.Fc
+.Ft int
+.Fo osd_set_reserved
+.Fa "u_int type"
+.Fa "struct osd *osd"
+.Fa "u_int slot"
+.Fa "void *rsv"
+.Fa "void *value"
+.Fc
+.Ft void
+.Fo osd_free_reserved
+.Fa "void *rsv"
+.Fc
+.Ft void *
 .Fo osd_get
 .Fa "u_int type"
 .Fa "struct osd *osd"
@@ -198,6 +217,15 @@ argument points to a data object to asso
 .Fa osd .
 .Pp
 The
+.Fn osd_set_reserved
+function does the same as
+.Fn osd_set ,
+but with an extra argument
+.Fa rsv
+that is internal-use memory previously allocated via
+.Fn osd_reserve .
+.Pp
+The
 .Fn osd_get
 function returns the data pointer associated with a kernel data structure's
 .Vt struct osd
@@ -324,6 +352,24 @@ will proceed without any
 .Xr realloc 9
 calls.
 .Pp
+It is possible for
+.Fn osd_set
+to fail to allocate this array.  To ensure that such allocation succeeds,
+.Fn osd_reserve
+may be called (in a non-blocking context), and it will pre-allocate the
+memory via
+.Xr malloc 9
+with M_WAITOK.
+Then this pre-allocated memory is passed to
+.Fn osd_set_reserved ,
+which will use it if necessary or otherwise discard it.
+The memory may also be explicitly discarded by calling
+.Fn osd_free_reserved .
+As this method always allocates memory whether or not it is ultimately needed,
+it should be used only rarely, such as in the unlikely event that
+.Fn osd_set
+fails.
+.Pp
 The
 .Nm
 API is geared towards slot identifiers storing pointers to the same underlying
@@ -359,15 +405,27 @@ the kernel including most fast paths.
 returns the slot identifier for the newly registered data type.
 .Pp
 .Fn osd_set
-returns zero on success or ENOMEM if the specified type/slot identifier pair
+and
+.Fn osd_set_reserved
+return zero on success or ENOMEM if the specified type/slot identifier pair
 triggered an internal
 .Xr realloc 9
-which failed.
+which failed
+.Fn ( osd_set_reserved
+will always succeed when
+.Fa rsv
+is non-NULL).
 .Pp
 .Fn osd_get
 returns the data pointer for the specified type/slot identifier pair, or NULL 
if
 the slot has not been initialised yet.
 .Pp
+.Fn osd_reserve
+returns a pointer suitable for passing to
+.Fn osd_set_reserved
+or
+.Fn osd_free_reserved .
+.Pp
 .Fn osd_call
 returns zero if no method is run or the method for each slot runs successfully.
 If a method for a slot returns non-zero,

Modified: stable/10/sys/kern/kern_osd.c
==
--- stable/10/sys/kern/kern_osd.c   Sat Apr 30 03:19:07 2016
(r298833)
+++ stable/10/sys/kern/kern_osd.c   Sat Apr 30 04:01:22 2016
(r298834)
@@ -44,6 +44,23 @@ __FBSDID("$FreeBSD$");
 
 /* OSD (Object Specific Data) */
 
+/*
+ * Lock key:
+ *  (m) osd_module_lock
+ *  (o) osd_object_lock
+ *  (l) osd_list_lock
+ */
+struct osd_master {
+   struct sxosd_module_lock;
+   struct rmlockosd_object_lock;
+   struct mtx   osd_list_lock;
+   LIST_HEAD(, osd) osd_list;  /* (l) */
+   osd_destructor_t*osd_destructors;   /* (o) */
+   osd_method_t*osd_methods;   /* (m) */
+   u_intosd_ntslots;   /* (m) */
+   const u_int  osd_nmethods;
+};
+
 static MALLOC_DEFINE(M_OSD, "osd", "Object Specific Data");
 
 static int osd_debug = 0;
@@ -62,25 +79,12 @@ static void do_osd_del(u_int type, struc
 int list_locked);
 
 /*
- * Lists of objects with OSD.
- *
- * Lock key:
- *  (m) osd_module_lock
- *  (o) osd_object_lock
- *  (l) osd_list_lock
+ * List of objects with OSD.
  */
-static LIST_HEAD(, osd)osd_list[OSD_LAST + 1]; /* (m) */
-static osd_method_t *osd_methods[OSD_LAST + 1];/* (m) */
-static u_int osd_nslots[OSD_LAST + 1]; /* (m) */
-static osd_destructor_t

svn commit: r298833 - in stable/10/sys: kern sys

2016-04-29 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 30 03:19:07 2016
New Revision: 298833
URL: https://svnweb.freebsd.org/changeset/base/298833

Log:
  MFC r298565:
  
Add a new jail OSD method, PR_METHOD_REMOVE.  It's called when a jail is
removed from the user perspective, i.e. when the last pr_uref goes away,
even though the jail mail still exist in the dying state.  It will also
be called if either PR_METHOD_CREATE or PR_METHOD_SET fail.
  
  MFC r298683:
  
Delay removing the last jail reference in prison_proc_free, and instead
put it off into the pr_task.  This is similar to prison_free, and in fact
uses the same task even though they do something slightly different.
  
  MFC r298566:
  
Pass the current/new jail to PR_METHOD_CHECK, which pushes the call
until after the jail is found or created.  This requires unlocking the
jail for the call and re-locking it afterward, but that works because
nothing in the jail has been changed yet, and other processes won't
change the important fields as long as allprison_lock remains held.
  
Keep better track of name vs namelc in kern_jail_set.  Name should
always be the hierarchical name (relative to the caller), and namelc
the last component.
  
  MFC r298668:
  
Use crcopysafe in jail_attach.
  
  PR:   48471

Modified:
  stable/10/sys/kern/kern_jail.c
  stable/10/sys/sys/jail.h
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Sat Apr 30 03:05:36 2016
(r298832)
+++ stable/10/sys/kern/kern_jail.c  Sat Apr 30 03:19:07 2016
(r298833)
@@ -560,8 +560,9 @@ kern_jail_set(struct thread *td, struct 
void *op;
 #endif
unsigned long hid;
-   size_t namelen, onamelen;
-   int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos;
+   size_t namelen, onamelen, pnamelen;
+   int born, created, cuflags, descend, enforce;
+   int error, errmsg_len, errmsg_pos;
int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel;
int fi, jid, jsys, len, level;
int childmax, osreldt, rsnum, slevel;
@@ -584,7 +585,7 @@ kern_jail_set(struct thread *td, struct 
error = priv_check(td, PRIV_JAIL_ATTACH);
if (error)
return (error);
-   mypr = ppr = td->td_ucred->cr_prison;
+   mypr = td->td_ucred->cr_prison;
if ((flags & JAIL_CREATE) && mypr->pr_childmax == 0)
return (EPERM);
if (flags & ~JAIL_SET_MASK)
@@ -611,6 +612,13 @@ kern_jail_set(struct thread *td, struct 
 #endif
g_path = NULL;
 
+   cuflags = flags & (JAIL_CREATE | JAIL_UPDATE);
+   if (!cuflags) {
+   error = EINVAL;
+   vfs_opterror(opts, "no valid operation (create or update)");
+   goto done_errmsg;
+   }
+
error = vfs_copyopt(opts, "jid", , sizeof(jid));
if (error == ENOENT)
jid = 0;
@@ -1020,42 +1028,18 @@ kern_jail_set(struct thread *td, struct 
}
 
/*
-* Grab the allprison lock before letting modules check their
-* parameters.  Once we have it, do not let go so we'll have a
-* consistent view of the OSD list.
-*/
-   sx_xlock(_lock);
-   error = osd_jail_call(NULL, PR_METHOD_CHECK, opts);
-   if (error)
-   goto done_unlock_list;
-
-   /* By now, all parameters should have been noted. */
-   TAILQ_FOREACH(opt, opts, link) {
-   if (!opt->seen && strcmp(opt->name, "errmsg")) {
-   error = EINVAL;
-   vfs_opterror(opts, "unknown parameter: %s", opt->name);
-   goto done_unlock_list;
-   }
-   }
-
-   /*
-* See if we are creating a new record or updating an existing one.
+* Find the specified jail, or at least its parent.
 * This abuses the file error codes ENOENT and EEXIST.
 */
-   cuflags = flags & (JAIL_CREATE | JAIL_UPDATE);
-   if (!cuflags) {
-   error = EINVAL;
-   vfs_opterror(opts, "no valid operation (create or update)");
-   goto done_unlock_list;
-   }
pr = NULL;
-   namelc = NULL;
+   ppr = mypr;
if (cuflags == JAIL_CREATE && jid == 0 && name != NULL) {
namelc = strrchr(name, '.');
jid = strtoul(namelc != NULL ? namelc + 1 : name, , 10);
if (*p != '\0')
jid = 0;
}
+   sx_xlock(_lock);
if (jid != 0) {
/*
 * See if a requested jid already exists.  There is an
@@ -1121,6 +1105,7 @@ kern_jail_set(struct thread *td, struct 
 * and updates keyed by the name itself (where the name must exist
 * because that is the jail being updated).
 */
+

svn commit: r298832 - in stable/10/sys: kern sys

2016-04-29 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 30 03:05:36 2016
New Revision: 298832
URL: https://svnweb.freebsd.org/changeset/base/298832

Log:
  MFC r298564:
  
Remove the PR_REMOVE flag, which was meant as a temporary marker for
a jail that might be seen mid-removal.  It hasn't been doing the right
thing since at least the ability to resurrect dying jails, and such
resurrection also makes it unnecessary.

Modified:
  stable/10/sys/kern/kern_jail.c
  stable/10/sys/sys/jail.h
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/kern/kern_jail.c
==
--- stable/10/sys/kern/kern_jail.c  Sat Apr 30 02:47:41 2016
(r298831)
+++ stable/10/sys/kern/kern_jail.c  Sat Apr 30 03:05:36 2016
(r298832)
@@ -1234,7 +1234,7 @@ kern_jail_set(struct thread *td, struct 
}
created = 1;
mtx_lock(>pr_mtx);
-   if (ppr->pr_ref == 0 || (ppr->pr_flags & PR_REMOVE)) {
+   if (ppr->pr_ref == 0) {
mtx_unlock(>pr_mtx);
error = ENOENT;
vfs_opterror(opts, "parent jail went away!");
@@ -2290,7 +2290,6 @@ sys_jail_remove(struct thread *td, struc
 
/* Remove all descendants of this prison, then remove this prison. */
pr->pr_ref++;
-   pr->pr_flags |= PR_REMOVE;
if (!LIST_EMPTY(>pr_children)) {
mtx_unlock(>pr_mtx);
lpr = NULL;
@@ -2299,7 +2298,6 @@ sys_jail_remove(struct thread *td, struc
if (cpr->pr_ref > 0) {
tpr = cpr;
cpr->pr_ref++;
-   cpr->pr_flags |= PR_REMOVE;
} else {
/* Already removed - do not do it again. */
tpr = NULL;

Modified: stable/10/sys/sys/jail.h
==
--- stable/10/sys/sys/jail.hSat Apr 30 02:47:41 2016(r298831)
+++ stable/10/sys/sys/jail.hSat Apr 30 03:05:36 2016(r298832)
@@ -212,7 +212,6 @@ struct prison_racct {
/* primary jail address. */
 
 /* Internal flag bits */
-#definePR_REMOVE   0x0100  /* In process of being removed 
*/
 #definePR_IP4  0x0200  /* IPv4 restricted or disabled 
*/
/* by this jail or an ancestor */
 #definePR_IP6  0x0400  /* IPv6 restricted or disabled 
*/
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298729 - stable/10/usr.sbin/jail

2016-04-27 Thread Jamie Gritton 
Author: jamie
Date: Thu Apr 28 01:40:47 2016
New Revision: 298729
URL: https://svnweb.freebsd.org/changeset/base/298729

Log:
  MFC r298562:
  
Make jail(8) interpret escape codes in fstab the same as getfsent(3).
  
  PR:   208663

Modified:
  stable/10/usr.sbin/jail/command.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/jail/command.c
==
--- stable/10/usr.sbin/jail/command.c   Thu Apr 28 01:31:07 2016
(r298728)
+++ stable/10/usr.sbin/jail/command.c   Thu Apr 28 01:40:47 2016
(r298729)
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 
 #include "jailp.h"
 
@@ -445,8 +446,14 @@ run_command(struct cfjail *j)
strcpy(comcs, comstring->s);
argc = 0;
for (cs = strtok(comcs, " \t\f\v\r\n"); cs && argc < 4;
-cs = strtok(NULL, " \t\f\v\r\n"))
+cs = strtok(NULL, " \t\f\v\r\n")) {
+   if (argc <= 1 && strunvis(cs, cs) < 0) {
+   jail_warnx(j, "%s: %s: fstab parse error",
+   j->intparams[comparam]->name, comstring->s);
+   return -1;
+   }
argv[argc++] = cs;
+   }
if (argc == 0)
return 0;
if (argc < 3) {
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298728 - stable/10/etc/rc.d

2016-04-27 Thread Jamie Gritton 
Author: jamie
Date: Thu Apr 28 01:31:07 2016
New Revision: 298728
URL: https://svnweb.freebsd.org/changeset/base/298728

Log:
  MFC r298516:
  
Don't remove the /var/run/jail_name.id file if a jail fails to start.
This messes up ezjail (and possibly others), when attempting to start
a jail that already exists.
  
  PR:   208806
  Reviewed by:  tj

Modified:
  stable/10/etc/rc.d/jail
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/rc.d/jail
==
--- stable/10/etc/rc.d/jail Thu Apr 28 01:12:38 2016(r298727)
+++ stable/10/etc/rc.d/jail Thu Apr 28 01:31:07 2016(r298728)
@@ -471,7 +471,6 @@ jail_start()
if _jid=$($jail_jls -j $_j jid); then
echo "$_jid" > /var/run/jail_${_j}.id
else
-   rm -f /var/run/jail_${_j}.id
echo " cannot start jail " \
"\"${_hostname:-${_j}}\": "
fi
@@ -495,7 +494,6 @@ jail_start()
_jid=$($jail_jls -j $_j jid)
echo $_jid > /var/run/jail_${_j}.id
else
-   rm -f /var/run/jail_${_j}.id
echo " cannot start jail " \
"\"${_hostname:-${_j}}\": "
cat $_tmp
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298683 - in head/sys: kern sys

2016-04-26 Thread Jamie Gritton 
Author: jamie
Date: Wed Apr 27 02:25:21 2016
New Revision: 298683
URL: https://svnweb.freebsd.org/changeset/base/298683

Log:
  Delay revmoing the last jail reference in prison_proc_free, and instead
  put it off into the pr_task.  This is similar to prison_free, and in fact
  uses the same task even though they do something slightly different.
  
  This resolves a LOR between the process lock and allprison_lock, which
  came about in r298565.
  
  PR:   48471

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Wed Apr 27 02:13:57 2016(r298682)
+++ head/sys/kern/kern_jail.c   Wed Apr 27 02:25:21 2016(r298683)
@@ -1328,6 +1328,7 @@ kern_jail_set(struct thread *td, struct 
 
LIST_INIT(>pr_children);
mtx_init(>pr_mtx, "jail mutex", NULL, MTX_DEF | MTX_DUPOK);
+   TASK_INIT(>pr_task, 0, prison_complete, pr);
 
 #ifdef VIMAGE
/* Allocate a new vnet if specified. */
@@ -2575,16 +2576,13 @@ prison_allow(struct ucred *cred, unsigne
 void
 prison_free_locked(struct prison *pr)
 {
+   int ref;
 
mtx_assert(>pr_mtx, MA_OWNED);
-   pr->pr_ref--;
-   if (pr->pr_ref == 0) {
-   mtx_unlock(>pr_mtx);
-   TASK_INIT(>pr_task, 0, prison_complete, pr);
-   taskqueue_enqueue(taskqueue_thread, >pr_task);
-   return;
-   }
+   ref = --pr->pr_ref;
mtx_unlock(>pr_mtx);
+   if (ref == 0)
+   taskqueue_enqueue(taskqueue_thread, >pr_task);
 }
 
 void
@@ -2595,11 +2593,17 @@ prison_free(struct prison *pr)
prison_free_locked(pr);
 }
 
+/*
+ * Complete a call to either prison_free or prison_proc_free.
+ */
 static void
 prison_complete(void *context, int pending)
 {
+   struct prison *pr = context;
 
-   prison_deref((struct prison *)context, 0);
+   mtx_lock(>pr_mtx);
+   prison_deref(pr, pr->pr_uref
+   ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED);
 }
 
 /*
@@ -2618,6 +2622,9 @@ prison_deref(struct prison *pr, int flag
mtx_lock(>pr_mtx);
for (;;) {
if (flags & PD_DEUREF) {
+   KASSERT(pr->pr_uref > 0,
+   ("prison_deref PD_DEUREF on a dead prison (jid=%d)",
+pr->pr_id));
pr->pr_uref--;
lasturef = pr->pr_uref == 0;
if (lasturef)
@@ -2625,8 +2632,12 @@ prison_deref(struct prison *pr, int flag
KASSERT(prison0.pr_uref != 0, ("prison0 pr_uref=0"));
} else
lasturef = 0;
-   if (flags & PD_DEREF)
+   if (flags & PD_DEREF) {
+   KASSERT(pr->pr_ref > 0,
+   ("prison_deref PD_DEREF on a dead prison (jid=%d)",
+pr->pr_id));
pr->pr_ref--;
+   }
ref = pr->pr_ref;
mtx_unlock(>pr_mtx);
 
@@ -2740,7 +2751,20 @@ prison_proc_free(struct prison *pr)
mtx_lock(>pr_mtx);
KASSERT(pr->pr_uref > 0,
("Trying to kill a process in a dead prison (jid=%d)", pr->pr_id));
-   prison_deref(pr, PD_DEUREF | PD_LOCKED);
+   if (pr->pr_uref > 1)
+   pr->pr_uref--;
+   else {
+   /*
+* Don't remove the last user reference in this context, which
+* is expected to be a process that is not only locked, but
+* also half dead.
+*/
+   pr->pr_ref++;
+   mtx_unlock(>pr_mtx);
+   taskqueue_enqueue(taskqueue_thread, >pr_task);
+   return;
+   }
+   mtx_unlock(>pr_mtx);
 }
 
 

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Wed Apr 27 02:13:57 2016(r298682)
+++ head/sys/sys/jail.h Wed Apr 27 02:25:21 2016(r298683)
@@ -149,7 +149,6 @@ struct prison_racct;
  *   (p) locked by pr_mtx
  *   (c) set only during creation before the structure is shared, no mutex
  *   required to read
- *   (d) set only during destruction of jail, no mutex needed
  */
 struct prison {
TAILQ_ENTRY(prison) pr_list;/* (a) all prisons */
@@ -161,7 +160,7 @@ struct prison {
LIST_ENTRY(prison) pr_sibling;  /* (a) next in parent's 
list */
struct prison   *pr_parent; /* (c) containing jail 
*/
struct mtx   pr_mtx;
-   struct task  pr_task;   /* (d) destroy task */
+   struct task  pr_task;   /* (c) destroy task */
struct osd   pr_osd;/* (p) additional data 
*/

svn commit: r298668 - head/sys/kern

2016-04-26 Thread Jamie Gritton 
Author: jamie
Date: Tue Apr 26 21:19:12 2016
New Revision: 298668
URL: https://svnweb.freebsd.org/changeset/base/298668

Log:
  Use crcopysafe in jail_attach.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Tue Apr 26 21:11:52 2016(r298667)
+++ head/sys/kern/kern_jail.c   Tue Apr 26 21:19:12 2016(r298668)
@@ -2405,7 +2405,6 @@ sys_jail_attach(struct thread *td, struc
 static int
 do_jail_attach(struct thread *td, struct prison *pr)
 {
-   struct prison *ppr;
struct proc *p;
struct ucred *newcred, *oldcred;
int error;
@@ -2433,7 +2432,6 @@ do_jail_attach(struct thread *td, struct
/*
 * Reparent the newly attached process to this jail.
 */
-   ppr = td->td_ucred->cr_prison;
p = td->td_proc;
error = cpuset_setproc_update_set(p, pr->pr_cpuset);
if (error)
@@ -2452,23 +2450,23 @@ do_jail_attach(struct thread *td, struct
 
newcred = crget();
PROC_LOCK(p);
-   oldcred = p->p_ucred;
-   setsugid(p);
-   crcopy(newcred, oldcred);
+   oldcred = crcopysafe(p, newcred);
newcred->cr_prison = pr;
proc_set_cred(p, newcred);
+   setsugid(p);
PROC_UNLOCK(p);
 #ifdef RACCT
racct_proc_ucred_changed(p, oldcred, newcred);
 #endif
+   prison_deref(oldcred->cr_prison, PD_DEREF | PD_DEUREF);
crfree(oldcred);
-   prison_deref(ppr, PD_DEREF | PD_DEUREF);
return (0);
+
  e_unlock:
VOP_UNLOCK(pr->pr_root, 0);
  e_revert_osd:
/* Tell modules this thread is still in its old jail after all. */
-   (void)osd_jail_call(ppr, PR_METHOD_ATTACH, td);
+   (void)osd_jail_call(td->td_ucred->cr_prison, PR_METHOD_ATTACH, td);
prison_deref(pr, PD_DEREF | PD_DEUREF);
return (error);
 }
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298656 - head/sys/kern

2016-04-26 Thread Jamie Gritton 
Author: jamie
Date: Tue Apr 26 18:17:44 2016
New Revision: 298656
URL: https://svnweb.freebsd.org/changeset/base/298656

Log:
  Redo the changes to the SYSV IPC sysctl functions from r298585, so they
  don't (mis)use sbufs.
  
  PR:   48471

Modified:
  head/sys/kern/sysv_msg.c
  head/sys/kern/sysv_sem.c
  head/sys/kern/sysv_shm.c

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cTue Apr 26 18:11:45 2016(r298655)
+++ head/sys/kern/sysv_msg.cTue Apr 26 18:17:44 2016(r298656)
@@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -1423,38 +1422,28 @@ sys_msgrcv(td, uap)
 static int
 sysctl_msqids(SYSCTL_HANDLER_ARGS)
 {
-   struct sbuf sb;
-   struct msqid_kernel tmp, empty;
-   struct msqid_kernel *msqkptr;
-   struct prison *rpr;
+   struct msqid_kernel tmsqk;
+   struct prison *pr, *rpr;
int error, i;
 
-   error = sysctl_wire_old_buffer(req, 0);
-   if (error != 0)
-   goto done;
+   pr = req->td->td_ucred->cr_prison;
rpr = msg_find_prison(req->td->td_ucred);
-   sbuf_new_for_sysctl(, NULL, sizeof(struct msqid_kernel) *
-   msginfo.msgmni, req);
-
-   bzero(, sizeof(empty));
+   error = 0;
for (i = 0; i < msginfo.msgmni; i++) {
-   msqkptr = [i];
-   if (msqkptr->u.msg_qbytes == 0 || rpr == NULL ||
-   msq_prison_cansee(rpr, msqkptr) != 0) {
-   msqkptr = 
-   } else if (req->td->td_ucred->cr_prison !=
-   msqkptr->cred->cr_prison) {
-   bcopy(msqkptr, , sizeof(tmp));
-   msqkptr = 
-   msqkptr->u.msg_perm.key = IPC_PRIVATE;
+   mtx_lock(_mtx);
+   if (msqids[i].u.msg_qbytes == 0 || rpr == NULL ||
+   msq_prison_cansee(rpr, [i]) != 0)
+   bzero(, sizeof(tmsqk));
+   else {
+   tmsqk = msqids[i];
+   if (tmsqk.cred->cr_prison != pr)
+   tmsqk.u.msg_perm.key = IPC_PRIVATE;
}
-
-   sbuf_bcat(, msqkptr, sizeof(*msqkptr));
+   mtx_unlock(_mtx);
+   error = SYSCTL_OUT(req, , sizeof(tmsqk));
+   if (error != 0)
+   break;
}
-   error = sbuf_finish();
-   sbuf_delete();
-
-done:
return (error);
 }
 
@@ -1470,7 +1459,8 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, msgssz, 
 "Size of a message segment");
 SYSCTL_INT(_kern_ipc, OID_AUTO, msgseg, CTLFLAG_RDTUN, , 0,
 "Number of message segments");
-SYSCTL_PROC(_kern_ipc, OID_AUTO, msqids, CTLTYPE_OPAQUE | CTLFLAG_RD,
+SYSCTL_PROC(_kern_ipc, OID_AUTO, msqids,
+CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE,
 NULL, 0, sysctl_msqids, "", "Message queue IDs");
 
 static int

Modified: head/sys/kern/sysv_sem.c
==
--- head/sys/kern/sysv_sem.cTue Apr 26 18:11:45 2016(r298655)
+++ head/sys/kern/sysv_sem.cTue Apr 26 18:17:44 2016(r298656)
@@ -52,7 +52,6 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -220,7 +219,8 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, semvmx, 
 "Semaphore maximum value");
 SYSCTL_INT(_kern_ipc, OID_AUTO, semaem, CTLFLAG_RWTUN, , 0,
 "Adjust on exit max value");
-SYSCTL_PROC(_kern_ipc, OID_AUTO, sema, CTLTYPE_OPAQUE | CTLFLAG_RD,
+SYSCTL_PROC(_kern_ipc, OID_AUTO, sema,
+CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE,
 NULL, 0, sysctl_sema, "", "Semaphore id pool");
 
 static struct syscall_helper_data sem_syscalls[] = {
@@ -1465,38 +1465,28 @@ semexit_myhook(void *arg, struct proc *p
 static int
 sysctl_sema(SYSCTL_HANDLER_ARGS)
 {
-   struct prison *rpr;
-   struct sbuf sb;
-   struct semid_kernel tmp, empty;
-   struct semid_kernel *semakptr;
+   struct prison *pr, *rpr;
+   struct semid_kernel tsemak;
int error, i;
 
-   error = sysctl_wire_old_buffer(req, 0);
-   if (error != 0)
-   goto done;
+   pr = req->td->td_ucred->cr_prison;
rpr = sem_find_prison(req->td->td_ucred);
-   sbuf_new_for_sysctl(, NULL, sizeof(struct semid_kernel) *
-   seminfo.semmni, req);
-
-   bzero(, sizeof(empty));
+   error = 0;
for (i = 0; i < seminfo.semmni; i++) {
-   semakptr = [i];
-   if ((semakptr->u.sem_perm.mode & SEM_ALLOC) == 0 ||
-   rpr == NULL || sem_prison_cansee(rpr, semakptr) != 0) {
-   semakptr = 
-   } else if (req->td->td_ucred->cr_prison !=
-   semakptr->cred->cr_prison) {
-   bcopy(semakptr, , sizeof(tmp));
-

svn commit: r298597 - head/sys/kern

2016-04-25 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 22:30:10 2016
New Revision: 298597
URL: https://svnweb.freebsd.org/changeset/base/298597

Log:
  Fix the logic in r298585: shm_prison_cansee returns an errno, so is
  the opposite of a boolean.
  
  PR:   48471

Modified:
  head/sys/kern/sysv_shm.c

Modified: head/sys/kern/sysv_shm.c
==
--- head/sys/kern/sysv_shm.cMon Apr 25 22:25:57 2016(r298596)
+++ head/sys/kern/sysv_shm.cMon Apr 25 22:30:10 2016(r298597)
@@ -230,7 +230,7 @@ shm_find_segment(struct prison *rpr, int
(!shm_allow_removed &&
(shmseg->u.shm_perm.mode & SHMSEG_REMOVED) != 0) ||
(is_shmid && shmseg->u.shm_perm.seq != IPCID_TO_SEQ(arg)) ||
-   !shm_prison_cansee(rpr, shmseg))
+   shm_prison_cansee(rpr, shmseg) != 0)
return (NULL);
return (shmseg);
 }
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298585 - in head: sys/kern usr.sbin/jail

2016-04-25 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 17:06:50 2016
New Revision: 298585
URL: https://svnweb.freebsd.org/changeset/base/298585

Log:
  Encapsulate SYSV IPC objects in jails.  Define per-module parameters
  sysvmsg, sysvsem, and sysvshm, with the following bahavior:
  
  inherit: allow full access to the IPC primitives.  This is the same as
  the current setup with allow.sysvipc is on.  Jails and the base system
  can see (and moduly) each other's objects, which is generally considered
  a bad thing (though may be useful in some circumstances).
  
  disable: all no access, same as the current setup with allow.sysvipc off.
  
  new: A jail may see use the IPC objects that it has created.  It also
  gets its own IPC key namespace, so different jails may have their own
  objects using the same key value.  The parent jail (or base system) can
  see the jail's IPC objects, but not its keys.
  
  PR:   48471
  Submitted by: based on work by kikucha...@gmail.com
  MFC after:5 days

Modified:
  head/sys/kern/sysv_msg.c
  head/sys/kern/sysv_sem.c
  head/sys/kern/sysv_shm.c
  head/usr.sbin/jail/jail.8

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cMon Apr 25 17:01:13 2016(r298584)
+++ head/sys/kern/sysv_msg.cMon Apr 25 17:06:50 2016(r298585)
@@ -62,8 +62,11 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -80,6 +83,14 @@ static MALLOC_DEFINE(M_MSG, "msg", "SVID
 static int msginit(void);
 static int msgunload(void);
 static int sysvmsg_modload(struct module *, int, void *);
+static void msq_remove(struct msqid_kernel *);
+static struct prison *msg_find_prison(struct ucred *);
+static int msq_prison_cansee(struct prison *, struct msqid_kernel *);
+static int msg_prison_check(void *, void *);
+static int msg_prison_set(void *, void *);
+static int msg_prison_get(void *, void *);
+static int msg_prison_remove(void *, void *);
+static void msg_prison_cleanup(struct prison *);
 
 
 #ifdef MSG_DEBUG
@@ -155,6 +166,7 @@ static struct msgmap *msgmaps;  /* MSGSEG
 static struct msg *msghdrs;/* MSGTQL msg headers */
 static struct msqid_kernel *msqids;/* MSGMNI msqid_kernel struct's */
 static struct mtx msq_mtx; /* global mutex for message queues. */
+static unsigned msg_prison_slot;/* prison OSD slot */
 
 static struct syscall_helper_data msg_syscalls[] = {
SYSCALL_INIT_HELPER(msgctl),
@@ -194,7 +206,15 @@ static struct syscall_helper_data msg32_
 static int
 msginit()
 {
+   struct prison *pr;
+   void *rsv;
int i, error;
+   osd_method_t methods[PR_MAXMETHOD] = {
+   [PR_METHOD_CHECK] = msg_prison_check,
+   [PR_METHOD_SET] =   msg_prison_set,
+   [PR_METHOD_GET] =   msg_prison_get,
+   [PR_METHOD_REMOVE] =msg_prison_remove,
+   };
 
msginfo.msgmax = msginfo.msgseg * msginfo.msgssz;
msgpool = malloc(msginfo.msgmax, M_MSG, M_WAITOK);
@@ -252,6 +272,29 @@ msginit()
}
mtx_init(_mtx, "msq", NULL, MTX_DEF);
 
+   /* Set current prisons according to their allow.sysvipc. */
+   msg_prison_slot = osd_jail_register(NULL, methods);
+   rsv = osd_reserve(msg_prison_slot);
+   prison_lock();
+   (void)osd_jail_set_reserved(, msg_prison_slot, rsv, );
+   prison_unlock();
+   rsv = NULL;
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list) {
+   if (rsv == NULL)
+   rsv = osd_reserve(msg_prison_slot);
+   prison_lock(pr);
+   if ((pr->pr_allow & PR_ALLOW_SYSVIPC) && pr->pr_ref > 0) {
+   (void)osd_jail_set_reserved(pr, msg_prison_slot, rsv,
+   );
+   rsv = NULL;
+   }
+   prison_unlock(pr);
+   }
+   if (rsv != NULL)
+   osd_free_reserved(rsv);
+   sx_sunlock(_lock);
+
error = syscall_helper_register(msg_syscalls, SY_THR_STATIC_KLD);
if (error != 0)
return (error);
@@ -292,6 +335,8 @@ msgunload()
if (msqid != msginfo.msgmni)
return (EBUSY);
 
+   if (msg_prison_slot != 0)
+   osd_jail_deregister(msg_prison_slot);
 #ifdef MAC
for (i = 0; i < msginfo.msgtql; i++)
mac_sysvmsg_destroy([i]);
@@ -366,6 +411,67 @@ msg_freehdr(msghdr)
 #endif
 }
 
+static void
+msq_remove(struct msqid_kernel *msqkptr)
+{
+   struct msg *msghdr;
+
+   racct_sub_cred(msqkptr->cred, RACCT_NMSGQ, 1);
+   racct_sub_cred(msqkptr->cred, RACCT_MSGQQUEUED, msqkptr->u.msg_qnum);
+   racct_sub_cred(msqkptr->cred, RACCT_MSGQSIZE, msqkptr->u.msg_cbytes);
+   crfree(msqkptr->cred);
+   msqkptr->cred = NULL;
+
+   /* Free the message headers */
+   msghdr = msqkptr->u.msg_first;
+

svn commit: r298584 - head/usr.sbin/jail

2016-04-25 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 17:01:13 2016
New Revision: 298584
URL: https://svnweb.freebsd.org/changeset/base/298584

Log:
  Note the existence of module-specific jail paramters, starting with the
  linux.* parameters when linux emulation is loaded.
  
  MFC after:5 days

Modified:
  head/usr.sbin/jail/jail.8

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Mon Apr 25 16:53:13 2016(r298583)
+++ head/usr.sbin/jail/jail.8   Mon Apr 25 17:01:13 2016(r298584)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 20, 2015
+.Dd April 25, 2016
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -610,6 +610,32 @@ have not had jail functionality added to
 .El
 .El
 .Pp
+Kernel modules may add their own parameters, which only exist when the
+module is loaded.
+These are typically headed under a parameter named after the module,
+with values of
+.Dq inherit
+to give the jail full use of the module,
+.Dq new
+to encapsulate the jail in some module-specific way,
+and
+.Dq disable
+to make the module unavailable to the jail.
+There also may be other parameters to define jail behavior within the module.
+Module-specific parameters include:
+.Bl -tag -width indent
+.It Va linux
+Determine how a jail's Linux emulation environment appears.
+A value of
+.Dq inherit
+will keep the same environment, and
+.Dq new
+will give the jail it's own environment (still originally inherited when
+the jail is created).
+.It Va linux.osname , linux.osrelease , linux.oss_version
+The Linux OS name, OS release, and OSS version associated with this jail.
+.El
+.Pp
 There are pseudo-parameters that are not passed to the kernel, but are
 used by
 .Nm
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298573 - head/sys/compat/linux

2016-04-25 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 06:08:45 2016
New Revision: 298573
URL: https://svnweb.freebsd.org/changeset/base/298573

Log:
  linux_map_osrel doesn't need to be checked in linux_prison_set,
  since it already was in linux_prison_check.

Modified:
  head/sys/compat/linux/linux_mib.c

Modified: head/sys/compat/linux/linux_mib.c
==
--- head/sys/compat/linux/linux_mib.c   Mon Apr 25 05:58:32 2016
(r298572)
+++ head/sys/compat/linux/linux_mib.c   Mon Apr 25 06:08:45 2016
(r298573)
@@ -153,7 +153,8 @@ linux_map_osrel(char *osrelease, int *os
if (v < 100)
return (EINVAL);
 
-   *osrel = v;
+   if (osrel != NULL)
+   *osrel = v;
 
return (0);
 }
@@ -249,7 +250,7 @@ linux_prison_check(void *obj __unused, v
 {
struct vfsoptlist *opts = data;
char *osname, *osrelease;
-   int error, jsys, len, osrel, oss_version;
+   int error, jsys, len, oss_version;
 
/* Check that the parameters are correct. */
error = vfs_copyopt(opts, "linux", , sizeof(jsys));
@@ -280,7 +281,7 @@ linux_prison_check(void *obj __unused, v
vfs_opterror(opts, "linux.osrelease too long");
return (ENAMETOOLONG);
}
-   error = linux_map_osrel(osrelease, );
+   error = linux_map_osrel(osrelease, NULL);
if (error != 0) {
vfs_opterror(opts, "linux.osrelease format error");
return (error);
@@ -339,11 +340,7 @@ linux_prison_set(void *obj, void *data)
 */
linux_alloc_prison(pr, );
if (osrelease) {
-   error = linux_map_osrel(osrelease, >pr_osrel);
-   if (error) {
-   mtx_unlock(>pr_mtx);
-   return (error);
-   }
+   (void)linux_map_osrel(osrelease, >pr_osrel);
strlcpy(lpr->pr_osrelease, osrelease,
LINUX_MAX_UTSNAME);
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298567 - head/sys/kern

2016-04-24 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 04:36:54 2016
New Revision: 298567
URL: https://svnweb.freebsd.org/changeset/base/298567

Log:
  Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX
  message queues.

Modified:
  head/sys/kern/uipc_mqueue.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Mon Apr 25 04:27:58 2016(r298566)
+++ head/sys/kern/uipc_mqueue.c Mon Apr 25 04:36:54 2016(r298567)
@@ -154,11 +154,6 @@ struct mqfs_node {
 #defineFPTOMQ(fp)  ((struct mqueue *)(((struct mqfs_node *) \
(fp)->f_data)->mn_data))
 
-struct mqfs_osd {
-   struct task mo_task;
-   const void  *mo_pr_root;
-};
-
 TAILQ_HEAD(msgq, mqueue_msg);
 
 struct mqueue;
@@ -244,9 +239,7 @@ static int  mqfs_destroy(struct mqfs_node
 static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn);
 static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn);
 static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct 
mqfs_node *pn);
-static int mqfs_prison_create(void *obj, void *data);
-static voidmqfs_prison_destructor(void *data);
-static voidmqfs_prison_remove_task(void *context, int pending);
+static int mqfs_prison_remove(void *obj, void *data);
 
 /*
  * Message queue construction and maniplation
@@ -656,9 +649,8 @@ mqfs_init(struct vfsconf *vfc)
 {
struct mqfs_node *root;
struct mqfs_info *mi;
-   struct prison *pr;
osd_method_t methods[PR_MAXMETHOD] = {
-   [PR_METHOD_CREATE] = mqfs_prison_create,
+   [PR_METHOD_REMOVE] = mqfs_prison_remove,
};
 
mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node),
@@ -686,13 +678,7 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
-
-   /* Note current jails. */
-   mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods);
-   sx_slock(_lock);
-   TAILQ_FOREACH(pr, , pr_list)
-   (void)mqfs_prison_create(pr, NULL);
-   sx_sunlock(_lock);
+   mqfs_osd_jail_slot = osd_jail_register(NULL, methods);
return (0);
 }
 
@@ -702,14 +688,11 @@ mqfs_init(struct vfsconf *vfc)
 static int
 mqfs_uninit(struct vfsconf *vfc)
 {
-   unsigned slot;
struct mqfs_info *mi;
 
if (!unloadable)
return (EOPNOTSUPP);
-   slot = mqfs_osd_jail_slot;
-   mqfs_osd_jail_slot = 0;
-   osd_jail_deregister(slot);
+   osd_jail_deregister(mqfs_osd_jail_slot);
EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
mi = _data;
mqfs_destroy(mi->mi_root);
@@ -1563,64 +1546,22 @@ mqfs_rmdir(struct vop_rmdir_args *ap)
 
 #endif /* notyet */
 
-
 /*
- * Set a destructor task with the prison's root
+ * See if this prison root is obsolete, and clean up associated queues if it 
is.
  */
 static int
-mqfs_prison_create(void *obj, void *data __unused)
-{
-   struct prison *pr = obj;
-   struct mqfs_osd *mo;
-   void *rsv;
-
-   if (pr->pr_root == pr->pr_parent->pr_root)
-   return(0);
-
-   mo = malloc(sizeof(struct mqfs_osd), M_PRISON, M_WAITOK);
-   rsv = osd_reserve(mqfs_osd_jail_slot);
-   TASK_INIT(>mo_task, 0, mqfs_prison_remove_task, mo);
-   mtx_lock(>pr_mtx);
-   mo->mo_pr_root = pr->pr_root;
-   (void)osd_jail_set_reserved(pr, mqfs_osd_jail_slot, rsv, mo);
-   mtx_unlock(>pr_mtx);
-   return (0);
-}
-
-/*
- * Queue the task for after jail/OSD locks are released
- */
-static void
-mqfs_prison_destructor(void *data)
-{
-   struct mqfs_osd *mo = data;
-
-   if (mqfs_osd_jail_slot != 0)
-   taskqueue_enqueue(taskqueue_thread, >mo_task);
-   else
-   free(mo, M_PRISON);
-}
-
-/*
- * See if this prison root is obsolete, and clean up associated queues if it is
- */
-static void
-mqfs_prison_remove_task(void *context, int pending)
+mqfs_prison_remove(void *obj, void *data __unused)
 {
-   struct mqfs_osd *mo = context;
+   const struct prison *pr = obj;
+   const struct prison *tpr;
struct mqfs_node *pn, *tpn;
-   const struct prison *pr;
-   const void *pr_root;
int found;
 
-   pr_root = mo->mo_pr_root;
found = 0;
-   sx_slock(_lock);
-   TAILQ_FOREACH(pr, , pr_list) {
-   if (pr->pr_root == pr_root)
+   TAILQ_FOREACH(tpr, , pr_list) {
+   if (tpr->pr_root == pr->pr_root && tpr != pr && tpr->pr_ref > 0)
found = 1;
}
-   sx_sunlock(_lock);
if (!found) {
/*
 * No jails are rooted in this directory anymore,
@@ -1629,15 +1570,14 @@ mqfs_prison_remove_task(void *context, i
sx_xlock(_data.mi_lock);

svn commit: r298566 - head/sys/kern

2016-04-24 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 04:27:58 2016
New Revision: 298566
URL: https://svnweb.freebsd.org/changeset/base/298566

Log:
  Pass the current/new jail to PR_METHOD_CHECK, which pushes the call
  until after the jail is found or created.  This requires unlocking the
  jail for the call and re-locking it afterward, but that works because
  nothing in the jail has been changed yet, and other processes won't
  change the important fields as long as allprison_lock remains held.
  
  Keep better track of name vs namelc in kern_jail_set.  Name should
  always be the hierarchical name (relative to the caller), and namelc
  the last component.
  
  PR:   48471
  MFC after:5 days

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon Apr 25 04:24:00 2016(r298565)
+++ head/sys/kern/kern_jail.c   Mon Apr 25 04:27:58 2016(r298566)
@@ -555,7 +555,7 @@ kern_jail_set(struct thread *td, struct 
void *op;
 #endif
unsigned long hid;
-   size_t namelen, onamelen;
+   size_t namelen, onamelen, pnamelen;
int born, created, cuflags, descend, enforce;
int error, errmsg_len, errmsg_pos;
int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel;
@@ -580,7 +580,7 @@ kern_jail_set(struct thread *td, struct 
error = priv_check(td, PRIV_JAIL_ATTACH);
if (error)
return (error);
-   mypr = ppr = td->td_ucred->cr_prison;
+   mypr = td->td_ucred->cr_prison;
if ((flags & JAIL_CREATE) && mypr->pr_childmax == 0)
return (EPERM);
if (flags & ~JAIL_SET_MASK)
@@ -607,6 +607,13 @@ kern_jail_set(struct thread *td, struct 
 #endif
g_path = NULL;
 
+   cuflags = flags & (JAIL_CREATE | JAIL_UPDATE);
+   if (!cuflags) {
+   error = EINVAL;
+   vfs_opterror(opts, "no valid operation (create or update)");
+   goto done_errmsg;
+   }
+
error = vfs_copyopt(opts, "jid", , sizeof(jid));
if (error == ENOENT)
jid = 0;
@@ -1009,42 +1016,18 @@ kern_jail_set(struct thread *td, struct 
}
 
/*
-* Grab the allprison lock before letting modules check their
-* parameters.  Once we have it, do not let go so we'll have a
-* consistent view of the OSD list.
-*/
-   sx_xlock(_lock);
-   error = osd_jail_call(NULL, PR_METHOD_CHECK, opts);
-   if (error)
-   goto done_unlock_list;
-
-   /* By now, all parameters should have been noted. */
-   TAILQ_FOREACH(opt, opts, link) {
-   if (!opt->seen && strcmp(opt->name, "errmsg")) {
-   error = EINVAL;
-   vfs_opterror(opts, "unknown parameter: %s", opt->name);
-   goto done_unlock_list;
-   }
-   }
-
-   /*
-* See if we are creating a new record or updating an existing one.
+* Find the specified jail, or at least its parent.
 * This abuses the file error codes ENOENT and EEXIST.
 */
-   cuflags = flags & (JAIL_CREATE | JAIL_UPDATE);
-   if (!cuflags) {
-   error = EINVAL;
-   vfs_opterror(opts, "no valid operation (create or update)");
-   goto done_unlock_list;
-   }
pr = NULL;
-   namelc = NULL;
+   ppr = mypr;
if (cuflags == JAIL_CREATE && jid == 0 && name != NULL) {
namelc = strrchr(name, '.');
jid = strtoul(namelc != NULL ? namelc + 1 : name, , 10);
if (*p != '\0')
jid = 0;
}
+   sx_xlock(_lock);
if (jid != 0) {
/*
 * See if a requested jid already exists.  There is an
@@ -1110,6 +1093,7 @@ kern_jail_set(struct thread *td, struct 
 * and updates keyed by the name itself (where the name must exist
 * because that is the jail being updated).
 */
+   namelc = NULL;
if (name != NULL) {
namelc = strrchr(name, '.');
if (namelc == NULL)
@@ -1120,7 +1104,6 @@ kern_jail_set(struct thread *td, struct 
 * parent and child names, and make sure the parent
 * exists or matches an already found jail.
 */
-   *namelc = '\0';
if (pr != NULL) {
if (strncmp(name, ppr->pr_name, namelc - name)
|| ppr->pr_name[namelc - name] != '\0') {
@@ -1131,6 +1114,7 @@ kern_jail_set(struct thread *td, struct 
goto done_unlock_list;
}
} else {
+   *namelc = '\0';
ppr =

svn commit: r298565 - in head/sys: kern sys

2016-04-24 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 04:24:00 2016
New Revision: 298565
URL: https://svnweb.freebsd.org/changeset/base/298565

Log:
  Add a new jail OSD method, PR_METHOD_REMOVE.  It's called when a jail is
  removed from the user perspective, i.e. when the last pr_uref goes away,
  even though the jail mail still exist in the dying state.  It will also
  be called if either PR_METHOD_CREATE or PR_METHOD_SET fail.
  
  PR:   48471
  MFC after: 5 days

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon Apr 25 03:58:08 2016(r298564)
+++ head/sys/kern/kern_jail.c   Mon Apr 25 04:24:00 2016(r298565)
@@ -556,7 +556,8 @@ kern_jail_set(struct thread *td, struct 
 #endif
unsigned long hid;
size_t namelen, onamelen;
-   int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos;
+   int born, created, cuflags, descend, enforce;
+   int error, errmsg_len, errmsg_pos;
int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel;
int fi, jid, jsys, len, level;
int childmax, osreldt, rsnum, slevel;
@@ -1767,6 +1768,7 @@ kern_jail_set(struct thread *td, struct 
 * for now, so new ones will remain unseen until after the module
 * handlers have completed.
 */
+   born = pr->pr_uref == 0;
if (!created && (ch_flags & PR_PERSIST & (pr_flags ^ pr->pr_flags))) {
if (pr_flags & PR_PERSIST) {
pr->pr_ref++;
@@ -1836,15 +1838,20 @@ kern_jail_set(struct thread *td, struct 
 
/* Let the modules do their work. */
sx_downgrade(_lock);
-   if (created) {
+   if (born) {
error = osd_jail_call(pr, PR_METHOD_CREATE, opts);
if (error) {
-   prison_deref(pr, PD_LIST_SLOCKED);
+   (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
+   prison_deref(pr, created
+   ? PD_LIST_SLOCKED
+   : PD_DEREF | PD_LIST_SLOCKED);
goto done_errmsg;
}
}
error = osd_jail_call(pr, PR_METHOD_SET, opts);
if (error) {
+   if (born)
+   (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
prison_deref(pr, created
? PD_LIST_SLOCKED
: PD_DEREF | PD_LIST_SLOCKED);
@@ -1896,7 +1903,7 @@ kern_jail_set(struct thread *td, struct 
sx_sunlock(_lock);
}
 
-   goto done_errmsg;
+   goto done_free;
 
  done_deref_locked:
prison_deref(pr, created
@@ -2596,19 +2603,46 @@ static void
 prison_deref(struct prison *pr, int flags)
 {
struct prison *ppr, *tpr;
+   int ref, lasturef;
 
if (!(flags & PD_LOCKED))
mtx_lock(>pr_mtx);
for (;;) {
if (flags & PD_DEUREF) {
pr->pr_uref--;
+   lasturef = pr->pr_uref == 0;
+   if (lasturef)
+   pr->pr_ref++;
KASSERT(prison0.pr_uref != 0, ("prison0 pr_uref=0"));
-   }
+   } else
+   lasturef = 0;
if (flags & PD_DEREF)
pr->pr_ref--;
-   /* If the prison still has references, nothing else to do. */
-   if (pr->pr_ref > 0) {
+   ref = pr->pr_ref;
+   mtx_unlock(>pr_mtx);
+
+   /*
+* Tell the modules if the last user reference was removed
+* (even it sticks around in dying state).
+*/
+   if (lasturef) {
+   if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) {
+   if (ref > 1) {
+   sx_slock(_lock);
+   flags |= PD_LIST_SLOCKED;
+   } else {
+   sx_xlock(_lock);
+   flags |= PD_LIST_XLOCKED;
+   }
+   }
+   (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL);
+   mtx_lock(>pr_mtx);
+   ref = --pr->pr_ref;
mtx_unlock(>pr_mtx);
+   }
+
+   /* If the prison still has references, nothing else to do. */
+   if (ref > 0) {
if (flags & PD_LIST_SLOCKED)
sx_sunlock(_lock);
else if (flags & PD_LIST_XLOCKED)
@@ -2616,7 +2650,6 @@ prison_deref(struct prison *pr, int flag
return;
}
 
-   mtx_unlock(>pr_mtx);

svn commit: r298564 - in head/sys: kern sys

2016-04-24 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 03:58:08 2016
New Revision: 298564
URL: https://svnweb.freebsd.org/changeset/base/298564

Log:
  Remove the PR_REMOVE flag, which was meant as a temporary marker for
  a jail that might be seen mid-removal.  It hasn't been doing the right
  thing since at least the ability to resurrect dying jails, and such
  resurrection also makes it unnecessary.

Modified:
  head/sys/kern/kern_jail.c
  head/sys/sys/jail.h

Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c   Mon Apr 25 03:48:28 2016(r298563)
+++ head/sys/kern/kern_jail.c   Mon Apr 25 03:58:08 2016(r298564)
@@ -1222,7 +1222,7 @@ kern_jail_set(struct thread *td, struct 
}
created = 1;
mtx_lock(>pr_mtx);
-   if (ppr->pr_ref == 0 || (ppr->pr_flags & PR_REMOVE)) {
+   if (ppr->pr_ref == 0) {
mtx_unlock(>pr_mtx);
error = ENOENT;
vfs_opterror(opts, "parent jail went away!");
@@ -2273,7 +2273,6 @@ sys_jail_remove(struct thread *td, struc
 
/* Remove all descendants of this prison, then remove this prison. */
pr->pr_ref++;
-   pr->pr_flags |= PR_REMOVE;
if (!LIST_EMPTY(>pr_children)) {
mtx_unlock(>pr_mtx);
lpr = NULL;
@@ -2282,7 +2281,6 @@ sys_jail_remove(struct thread *td, struc
if (cpr->pr_ref > 0) {
tpr = cpr;
cpr->pr_ref++;
-   cpr->pr_flags |= PR_REMOVE;
} else {
/* Already removed - do not do it again. */
tpr = NULL;

Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Mon Apr 25 03:48:28 2016(r298563)
+++ head/sys/sys/jail.h Mon Apr 25 03:58:08 2016(r298564)
@@ -210,7 +210,6 @@ struct prison_racct {
/* primary jail address. */
 
 /* Internal flag bits */
-#definePR_REMOVE   0x0100  /* In process of being removed 
*/
 #definePR_IP4  0x0200  /* IPv4 restricted or disabled 
*/
/* by this jail or an ancestor */
 #definePR_IP6  0x0400  /* IPv6 restricted or disabled 
*/
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298562 - head/usr.sbin/jail

2016-04-24 Thread Jamie Gritton 
Author: jamie
Date: Mon Apr 25 03:24:48 2016
New Revision: 298562
URL: https://svnweb.freebsd.org/changeset/base/298562

Log:
  Make jail(8) interpret escape codes in fstab the same as getfsent(3).
  
  PR:   208663
  MFC after:3 days

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cMon Apr 25 03:14:55 2016
(r298561)
+++ head/usr.sbin/jail/command.cMon Apr 25 03:24:48 2016
(r298562)
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 
 #include "jailp.h"
 
@@ -444,8 +445,14 @@ run_command(struct cfjail *j)
strcpy(comcs, comstring->s);
argc = 0;
for (cs = strtok(comcs, " \t\f\v\r\n"); cs && argc < 4;
-cs = strtok(NULL, " \t\f\v\r\n"))
+cs = strtok(NULL, " \t\f\v\r\n")) {
+   if (argc <= 1 && strunvis(cs, cs) < 0) {
+   jail_warnx(j, "%s: %s: fstab parse error",
+   j->intparams[comparam]->name, comstring->s);
+   return -1;
+   }
argv[argc++] = cs;
+   }
if (argc == 0)
return 0;
if (argc < 3) {
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r298516 - head/etc/rc.d

2016-04-23 Thread Jamie Gritton 
Author: jamie
Date: Sat Apr 23 16:23:01 2016
New Revision: 298516
URL: https://svnweb.freebsd.org/changeset/base/298516

Log:
  Don't remove the /var/run/jail_name.id file if a jail fails to start.
  This messes up ezjail (and possibly others), when attempting to start
  a jail that already exists.
  
  PR:   208806
  Reviewed by:  tj
  MFC after:5 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Sat Apr 23 16:19:34 2016(r298515)
+++ head/etc/rc.d/jail  Sat Apr 23 16:23:01 2016(r298516)
@@ -489,7 +489,6 @@ jail_start()
if _jid=$($jail_jls -j $_j jid); then
echo "$_jid" > /var/run/jail_${_j}.id
else
-   rm -f /var/run/jail_${_j}.id
echo " cannot start jail " \
"\"${_hostname:-${_j}}\": "
fi
@@ -513,7 +512,6 @@ jail_start()
_jid=$($jail_jls -j $_j jid)
echo $_jid > /var/run/jail_${_j}.id
else
-   rm -f /var/run/jail_${_j}.id
echo " cannot start jail " \
"\"${_hostname:-${_j}}\": "
cat $_tmp
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r297976 - head/sys/kern

2016-04-14 Thread Jamie Gritton 
Author: jamie
Date: Thu Apr 14 17:07:26 2016
New Revision: 297976
URL: https://svnweb.freebsd.org/changeset/base/297976

Log:
  Clean up some style(9) violations.

Modified:
  head/sys/kern/uipc_mqueue.c
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Thu Apr 14 17:06:37 2016(r297975)
+++ head/sys/kern/uipc_mqueue.c Thu Apr 14 17:07:26 2016(r297976)
@@ -686,7 +686,8 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
-   /* Note current jails */
+
+   /* Note current jails. */
mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods);
sx_slock(_lock);
TAILQ_FOREACH(pr, , pr_list)
@@ -1423,6 +1424,7 @@ mqfs_readdir(struct vop_readdir_args *ap
 
LIST_FOREACH(pn, >mn_children, mn_sibling) {
entry.d_reclen = sizeof(entry);
+
/*
 * Only show names within the same prison root directory
 * (or not associated with a prison, e.g. "." and "..").

Modified: head/sys/kern/uipc_sem.c
==
--- head/sys/kern/uipc_sem.cThu Apr 14 17:06:37 2016(r297975)
+++ head/sys/kern/uipc_sem.cThu Apr 14 17:07:26 2016(r297976)
@@ -271,13 +271,11 @@ ksem_fill_kinfo(struct file *fp, struct 
mtx_unlock(_lock);
if (ks->ks_path != NULL) {
sx_slock(_dict_lock);
-   if (ks->ks_path != NULL)
-   {
+   if (ks->ks_path != NULL) {
path = ks->ks_path;
pr_path = curthread->td_ucred->cr_prison->pr_path;
-   if (strcmp(pr_path, "/") != 0)
-   {
-   /* Return the jail-rooted pathname */
+   if (strcmp(pr_path, "/") != 0) {
+   /* Return the jail-rooted pathname. */
pr_pathlen = strlen(pr_path);
if (strncmp(path, pr_path, pr_pathlen) == 0 &&
path[pr_pathlen] == '/')
@@ -503,7 +501,8 @@ ksem_create(struct thread *td, const cha
} else {
path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
pr_path = td->td_ucred->cr_prison->pr_path;
-   /* Construct a full pathname for jailed callers */
+
+   /* Construct a full pathname for jailed callers. */
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(name, path + pr_pathlen,

Modified: head/sys/kern/uipc_shm.c
==
--- head/sys/kern/uipc_shm.cThu Apr 14 17:06:37 2016(r297975)
+++ head/sys/kern/uipc_shm.cThu Apr 14 17:07:26 2016(r297976)
@@ -727,7 +727,8 @@ kern_shm_open(struct thread *td, const c
} else {
path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
pr_path = td->td_ucred->cr_prison->pr_path;
-   /* Construct a full pathname for jailed callers */
+
+   /* Construct a full pathname for jailed callers. */
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(userpath, path + pr_pathlen,
@@ -1087,13 +1088,11 @@ shm_fill_kinfo(struct file *fp, struct k
kif->kf_un.kf_file.kf_file_size = shmfd->shm_size;
if (shmfd->shm_path != NULL) {
sx_slock(_dict_lock);
-   if (shmfd->shm_path != NULL)
-   {
+   if (shmfd->shm_path != NULL) {
path = shmfd->shm_path;
pr_path = curthread->td_ucred->cr_prison->pr_path;
-   if (strcmp(pr_path, "/") != 0)
-   {
-   /* Return the jail-rooted pathname */
+   if (strcmp(pr_path, "/") != 0) {
+   /* Return the jail-rooted pathname. */
pr_pathlen = strlen(pr_path);
if (strncmp(path, pr_path, pr_pathlen) == 0 &&
path[pr_pathlen] == '/')
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r297936 - head/sys/kern

2016-04-13 Thread Jamie Gritton 
Author: jamie
Date: Wed Apr 13 20:15:49 2016
New Revision: 297936
URL: https://svnweb.freebsd.org/changeset/base/297936

Log:
  Separate POSIX mqueue objects in jails; actually, separate them by the
  jail's root, so jails that don't have their own filesystem directory
  also won't have their own mqueue namespace.
  
  PR:   208082

Modified:
  head/sys/kern/uipc_mqueue.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Wed Apr 13 20:14:13 2016(r297935)
+++ head/sys/kern/uipc_mqueue.c Wed Apr 13 20:15:49 2016(r297936)
@@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -60,8 +61,8 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -132,6 +133,7 @@ struct mqfs_node {
LIST_HEAD(,mqfs_node)   mn_children;
LIST_ENTRY(mqfs_node)   mn_sibling;
LIST_HEAD(,mqfs_vdata)  mn_vnodes;
+   const void  *mn_pr_root;
int mn_refcount;
mqfs_type_t mn_type;
int mn_deleted;
@@ -152,6 +154,11 @@ struct mqfs_node {
 #defineFPTOMQ(fp)  ((struct mqueue *)(((struct mqfs_node *) \
(fp)->f_data)->mn_data))
 
+struct mqfs_osd {
+   struct task mo_task;
+   const void  *mo_pr_root;
+};
+
 TAILQ_HEAD(msgq, mqueue_msg);
 
 struct mqueue;
@@ -219,6 +226,7 @@ static uma_zone_t   mvdata_zone;
 static uma_zone_t  mqnoti_zone;
 static struct vop_vector   mqfs_vnodeops;
 static struct fileops  mqueueops;
+static unsignedmqfs_osd_jail_slot;
 
 /*
  * Directory structure construction and manipulation
@@ -236,6 +244,9 @@ static int  mqfs_destroy(struct mqfs_node
 static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn);
 static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn);
 static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct 
mqfs_node *pn);
+static int mqfs_prison_create(void *obj, void *data);
+static voidmqfs_prison_destructor(void *data);
+static voidmqfs_prison_remove_task(void *context, int pending);
 
 /*
  * Message queue construction and maniplation
@@ -436,6 +447,7 @@ mqfs_create_node(const char *name, int n
 
node = mqnode_alloc();
strncpy(node->mn_name, name, namelen);
+   node->mn_pr_root = cred->cr_prison->pr_root;
node->mn_type = nodetype;
node->mn_refcount = 1;
vfs_timestamp(>mn_birth);
@@ -644,6 +656,10 @@ mqfs_init(struct vfsconf *vfc)
 {
struct mqfs_node *root;
struct mqfs_info *mi;
+   struct prison *pr;
+   osd_method_t methods[PR_MAXMETHOD] = {
+   [PR_METHOD_CREATE] = mqfs_prison_create,
+   };
 
mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
@@ -670,6 +686,12 @@ mqfs_init(struct vfsconf *vfc)
EVENTHANDLER_PRI_ANY);
mq_fdclose = mqueue_fdclose;
p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING);
+   /* Note current jails */
+   mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods);
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list)
+   (void)mqfs_prison_create(pr, NULL);
+   sx_sunlock(_lock);
return (0);
 }
 
@@ -679,10 +701,14 @@ mqfs_init(struct vfsconf *vfc)
 static int
 mqfs_uninit(struct vfsconf *vfc)
 {
+   unsigned slot;
struct mqfs_info *mi;
 
if (!unloadable)
return (EOPNOTSUPP);
+   slot = mqfs_osd_jail_slot;
+   mqfs_osd_jail_slot = 0;
+   osd_jail_deregister(slot);
EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
mi = _data;
mqfs_destroy(mi->mi_root);
@@ -800,13 +826,17 @@ found:
  * Search a directory entry
  */
 static struct mqfs_node *
-mqfs_search(struct mqfs_node *pd, const char *name, int len)
+mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred 
*cred)
 {
struct mqfs_node *pn;
+   const void *pr_root;
 
sx_assert(>mn_info->mi_lock, SX_LOCKED);
+   pr_root = cred->cr_prison->pr_root;
LIST_FOREACH(pn, >mn_children, mn_sibling) {
-   if (strncmp(pn->mn_name, name, len) == 0 &&
+   /* Only match names within the same prison root directory */
+   if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) &&
+   strncmp(pn->mn_name, name, len) == 0 &&
pn->mn_name[len] == '\0')
return (pn);
}
@@ -878,7 +908,7 @@ mqfs_lookupx(struct vop_cachedlookup_arg
 
/* named node */
sx_xlock(>mi_lock);
-   pn = mqfs_search(pd, pname, namelen);
+

svn commit: r297935 - head/sys/kern

2016-04-13 Thread Jamie Gritton 
Author: jamie
Date: Wed Apr 13 20:14:13 2016
New Revision: 297935
URL: https://svnweb.freebsd.org/changeset/base/297935

Log:
  Separate POSIX sem/shm objects in jails, by prepending the jail's path
  name to the object's "path".  While the objects don't have real path
  names, it's a filesystem-like namespace, which allows jails to be
  kept to their own space, but still allows the system / jail parent to
  access a jail's IPC.
  
  PR:   208082

Modified:
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c

Modified: head/sys/kern/uipc_sem.c
==
--- head/sys/kern/uipc_sem.cWed Apr 13 20:12:02 2016(r297934)
+++ head/sys/kern/uipc_sem.cWed Apr 13 20:14:13 2016(r297935)
@@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -258,7 +259,9 @@ ksem_closef(struct file *fp, struct thre
 static int
 ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
 {
+   const char *path, *pr_path;
struct ksem *ks;
+   size_t pr_pathlen;
 
kif->kf_type = KF_TYPE_SEM;
ks = fp->f_data;
@@ -269,7 +272,19 @@ ksem_fill_kinfo(struct file *fp, struct 
if (ks->ks_path != NULL) {
sx_slock(_dict_lock);
if (ks->ks_path != NULL)
-   strlcpy(kif->kf_path, ks->ks_path, 
sizeof(kif->kf_path));
+   {
+   path = ks->ks_path;
+   pr_path = curthread->td_ucred->cr_prison->pr_path;
+   if (strcmp(pr_path, "/") != 0)
+   {
+   /* Return the jail-rooted pathname */
+   pr_pathlen = strlen(pr_path);
+   if (strncmp(path, pr_path, pr_pathlen) == 0 &&
+   path[pr_pathlen] == '/')
+   path += pr_pathlen;
+   }
+   strlcpy(kif->kf_path, path, sizeof(kif->kf_path));
+   }
sx_sunlock(_dict_lock);
}
return (0);
@@ -449,6 +464,8 @@ ksem_create(struct thread *td, const cha
struct ksem *ks;
struct file *fp;
char *path;
+   const char *pr_path;
+   size_t pr_pathlen;
Fnv32_t fnv;
int error, fd;
 
@@ -485,10 +502,15 @@ ksem_create(struct thread *td, const cha
ks->ks_flags |= KS_ANONYMOUS;
} else {
path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
-   error = copyinstr(name, path, MAXPATHLEN, NULL);
+   pr_path = td->td_ucred->cr_prison->pr_path;
+   /* Construct a full pathname for jailed callers */
+   pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
+   : strlcpy(path, pr_path, MAXPATHLEN);
+   error = copyinstr(name, path + pr_pathlen,
+   MAXPATHLEN - pr_pathlen, NULL);
 
/* Require paths to start with a '/' character. */
-   if (error == 0 && path[0] != '/')
+   if (error == 0 && path[pr_pathlen] != '/')
error = EINVAL;
if (error) {
fdclose(td, fp, fd);
@@ -624,11 +646,17 @@ int
 sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap)
 {
char *path;
+   const char *pr_path;
+   size_t pr_pathlen;
Fnv32_t fnv;
int error;
 
path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
-   error = copyinstr(uap->name, path, MAXPATHLEN, NULL);
+   pr_path = td->td_ucred->cr_prison->pr_path;
+   pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
+   : strlcpy(path, pr_path, MAXPATHLEN);
+   error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen,
+   NULL);
if (error) {
free(path, M_TEMP);
return (error);

Modified: head/sys/kern/uipc_shm.c
==
--- head/sys/kern/uipc_shm.cWed Apr 13 20:12:02 2016(r297934)
+++ head/sys/kern/uipc_shm.cWed Apr 13 20:14:13 2016(r297935)
@@ -57,6 +57,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -687,6 +688,8 @@ kern_shm_open(struct thread *td, const c
struct shmfd *shmfd;
struct file *fp;
char *path;
+   const char *pr_path;
+   size_t pr_pathlen;
Fnv32_t fnv;
mode_t cmode;
int fd, error;
@@ -723,13 +726,18 @@ kern_shm_open(struct thread *td, const c
shmfd = shm_alloc(td->td_ucred, cmode);
} else {
path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
-   error = copyinstr(userpath, path, MAXPATHLEN, NULL);
+   pr_path = td->td_ucred->cr_prison->pr_path;
+

svn commit: r297424 - head/sys/compat/linux

2016-03-30 Thread Jamie Gritton 
Author: jamie
Date: Wed Mar 30 17:05:04 2016
New Revision: 297424
URL: https://svnweb.freebsd.org/changeset/base/297424

Log:
  Use osd_reserve / osd_jail_set_reserved, which is known to succeed.
  Also don't work around nonexistent osd_register failure.

Modified:
  head/sys/compat/linux/linux_mib.c

Modified: head/sys/compat/linux/linux_mib.c
==
--- head/sys/compat/linux/linux_mib.c   Wed Mar 30 17:00:33 2016
(r297423)
+++ head/sys/compat/linux/linux_mib.c   Wed Mar 30 17:05:04 2016
(r297424)
@@ -168,9 +168,6 @@ linux_find_prison(struct prison *spr, st
struct prison *pr;
struct linux_prison *lpr;
 
-   if (!linux_osd_jail_slot)
-   /* In case osd_register failed. */
-   spr = 
for (pr = spr;; pr = pr->pr_parent) {
mtx_lock(>pr_mtx);
lpr = (pr == )
@@ -189,15 +186,14 @@ linux_find_prison(struct prison *spr, st
  * Ensure a prison has its own Linux info.  If lprp is non-null, point it to
  * the Linux info and lock the prison.
  */
-static int
+static void
 linux_alloc_prison(struct prison *pr, struct linux_prison **lprp)
 {
struct prison *ppr;
struct linux_prison *lpr, *nlpr;
-   int error;
+   void *rsv;
 
/* If this prison already has Linux info, return that. */
-   error = 0;
lpr = linux_find_prison(pr, );
if (ppr == pr)
goto done;
@@ -207,29 +203,24 @@ linux_alloc_prison(struct prison *pr, st
 */
mtx_unlock(>pr_mtx);
nlpr = malloc(sizeof(struct linux_prison), M_PRISON, M_WAITOK);
+   rsv = osd_reserve(linux_osd_jail_slot);
lpr = linux_find_prison(pr, );
if (ppr == pr) {
free(nlpr, M_PRISON);
+   osd_free_reserved(rsv);
goto done;
}
/* Inherit the initial values from the ancestor. */
mtx_lock(>pr_mtx);
-   error = osd_jail_set(pr, linux_osd_jail_slot, nlpr);
-   if (error == 0) {
-   bcopy(lpr, nlpr, sizeof(*lpr));
-   lpr = nlpr;
-   } else {
-   free(nlpr, M_PRISON);
-   lpr = NULL;
-   }
+   (void)osd_jail_set_reserved(pr, linux_osd_jail_slot, rsv, nlpr);
+   bcopy(lpr, nlpr, sizeof(*lpr));
+   lpr = nlpr;
mtx_unlock(>pr_mtx);
  done:
if (lprp != NULL)
*lprp = lpr;
else
mtx_unlock(>pr_mtx);
-
-   return (error);
 }
 
 /*
@@ -249,7 +240,8 @@ linux_prison_create(void *obj, void *dat
 * Inherit a prison's initial values from its parent
 * (different from JAIL_SYS_INHERIT which also inherits changes).
 */
-   return (linux_alloc_prison(pr, NULL));
+   linux_alloc_prison(pr, NULL);
+   return (0);
 }
 
 static int
@@ -345,11 +337,7 @@ linux_prison_set(void *obj, void *data)
 * "linux=new" or "linux.*":
 * the prison gets its own Linux info.
 */
-   error = linux_alloc_prison(pr, );
-   if (error) {
-   mtx_unlock(>pr_mtx);
-   return (error);
-   }
+   linux_alloc_prison(pr, );
if (osrelease) {
error = linux_map_osrel(osrelease, >pr_osrel);
if (error) {
@@ -449,21 +437,18 @@ linux_osd_jail_register(void)
 
linux_osd_jail_slot =
osd_jail_register(linux_prison_destructor, methods);
-   if (linux_osd_jail_slot > 0) {
-   /* Copy the system linux info to any current prisons. */
-   sx_xlock(_lock);
-   TAILQ_FOREACH(pr, , pr_list)
-   (void)linux_alloc_prison(pr, NULL);
-   sx_xunlock(_lock);
-   }
+   /* Copy the system linux info to any current prisons. */
+   sx_slock(_lock);
+   TAILQ_FOREACH(pr, , pr_list)
+   linux_alloc_prison(pr, NULL);
+   sx_sunlock(_lock);
 }
 
 void
 linux_osd_jail_deregister(void)
 {
 
-   if (linux_osd_jail_slot)
-   osd_jail_deregister(linux_osd_jail_slot);
+   osd_jail_deregister(linux_osd_jail_slot);
 }
 
 void
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r297422 - in head: share/man/man9 sys/kern sys/sys

2016-03-30 Thread Jamie Gritton 
Author: jamie
Date: Wed Mar 30 16:57:28 2016
New Revision: 297422
URL: https://svnweb.freebsd.org/changeset/base/297422

Log:
  Add osd_reserve() and osd_set_reserved(), which allow M_WAITOK allocation
  of an OSD array,

Modified:
  head/share/man/man9/osd.9
  head/sys/kern/kern_osd.c
  head/sys/sys/osd.h

Modified: head/share/man/man9/osd.9
==
--- head/share/man/man9/osd.9   Wed Mar 30 16:54:18 2016(r297421)
+++ head/share/man/man9/osd.9   Wed Mar 30 16:57:28 2016(r297422)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 5, 2011
+.Dd March 30, 2016
 .Dt OSD 9
 .Os
 .Sh NAME
@@ -33,6 +33,9 @@
 .Nm osd_register ,
 .Nm osd_deregister ,
 .Nm osd_set ,
+.Nm osd_reserve ,
+.Nm osd_set_reserved ,
+.Nm osd_free_reserved ,
 .Nm osd_get ,
 .Nm osd_del ,
 .Nm osd_call ,
@@ -63,6 +66,22 @@
 .Fa "void *value"
 .Fc
 .Ft void *
+.Fo osd_reserve
+.Fa "u_int slot"
+.Fc
+.Ft int
+.Fo osd_set_reserved
+.Fa "u_int type"
+.Fa "struct osd *osd"
+.Fa "u_int slot"
+.Fa "void *rsv"
+.Fa "void *value"
+.Fc
+.Ft void
+.Fo osd_free_reserved
+.Fa "void *rsv"
+.Fc
+.Ft void *
 .Fo osd_get
 .Fa "u_int type"
 .Fa "struct osd *osd"
@@ -198,6 +217,15 @@ argument points to a data object to asso
 .Fa osd .
 .Pp
 The
+.Fn osd_set_reserved
+function does the same as
+.Fn osd_set ,
+but with an extra argument
+.Fa rsv
+that is internal-use memory previously allocated via
+.Fn osd_reserve .
+.Pp
+The
 .Fn osd_get
 function returns the data pointer associated with a kernel data structure's
 .Vt struct osd
@@ -324,6 +352,24 @@ will proceed without any
 .Xr realloc 9
 calls.
 .Pp
+It is possible for
+.Fn osd_set
+to fail to allocate this array.  To ensure that such allocation succeeds,
+.Fn osd_reserve
+may be called (in a non-blocking context), and it will pre-allocate the
+memory via
+.Xr malloc 9
+with M_WAITOK.
+Then this pre-allocated memory is passed to
+.Fn osd_set_reserved ,
+which will use it if necessary or otherwise discard it.
+The memory may also be explicitly discarded by calling
+.Fn osd_free_reserved .
+As this method always allocates memory whether or not it is ultimately needed,
+it should be used only rarely, such as in the unlikely event that
+.Fn osd_set
+fails.
+.Pp
 The
 .Nm
 API is geared towards slot identifiers storing pointers to the same underlying
@@ -359,15 +405,27 @@ the kernel including most fast paths.
 returns the slot identifier for the newly registered data type.
 .Pp
 .Fn osd_set
-returns zero on success or ENOMEM if the specified type/slot identifier pair
+and
+.Fn osd_set_reserved
+return zero on success or ENOMEM if the specified type/slot identifier pair
 triggered an internal
 .Xr realloc 9
-which failed.
+which failed
+.Fn ( osd_set_reserved
+will always succeed when
+.Fa rsv
+is non-NULL).
 .Pp
 .Fn osd_get
 returns the data pointer for the specified type/slot identifier pair, or NULL 
if
 the slot has not been initialised yet.
 .Pp
+.Fn osd_reserve
+returns a pointer suitable for passing to
+.Fn osd_set_reserved
+or
+.Fn osd_free_reserved .
+.Pp
 .Fn osd_call
 returns zero if no method is run or the method for each slot runs successfully.
 If a method for a slot returns non-zero,

Modified: head/sys/kern/kern_osd.c
==
--- head/sys/kern/kern_osd.cWed Mar 30 16:54:18 2016(r297421)
+++ head/sys/kern/kern_osd.cWed Mar 30 16:57:28 2016(r297422)
@@ -54,7 +54,7 @@ struct osd_master {
struct sxosd_module_lock;
struct rmlockosd_object_lock;
struct mtx   osd_list_lock;
-   LIST_HEAD(, osd) osd_list;  /* (m) */
+   LIST_HEAD(, osd) osd_list;  /* (l) */
osd_destructor_t*osd_destructors;   /* (o) */
osd_method_t*osd_methods;   /* (m) */
u_intosd_ntslots;   /* (m) */
@@ -198,6 +198,24 @@ osd_deregister(u_int type, u_int slot)
 int
 osd_set(u_int type, struct osd *osd, u_int slot, void *value)
 {
+
+   return (osd_set_reserved(type, osd, slot, NULL, value));
+}
+
+void *
+osd_reserve(u_int slot)
+{
+
+   KASSERT(slot > 0, ("Invalid slot."));
+
+   OSD_DEBUG("Reserving slot array (slot=%u).", slot);
+   return (malloc(sizeof(void *) * slot, M_OSD, M_WAITOK | M_ZERO));
+}
+
+int
+osd_set_reserved(u_int type, struct osd *osd, u_int slot, void *rsv,
+void *value)
+{
struct rm_priotracker tracker;
 
KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type."));
@@ -206,36 +224,34 @@ osd_set(u_int type, struct osd *osd, u_i
 
rm_rlock([type].osd_object_lock, );
if (slot > osd->osd_nslots) {
+   void *newptr;
+
if (value == NULL) {
OSD_DEBUG(
"Not allocating null slot (type=%u, slot=%u).",

svn commit: r297367 - head/sys/kern

2016-03-28 Thread Jamie Gritton 
Author: jamie
Date: Mon Mar 28 22:18:37 2016
New Revision: 297367
URL: https://svnweb.freebsd.org/changeset/base/297367

Log:
  Move the various per-type arrays of OSD data into a single structure array.

Modified:
  head/sys/kern/kern_osd.c

Modified: head/sys/kern/kern_osd.c
==
--- head/sys/kern/kern_osd.cMon Mar 28 21:51:56 2016(r297366)
+++ head/sys/kern/kern_osd.cMon Mar 28 22:18:37 2016(r297367)
@@ -44,6 +44,23 @@ __FBSDID("$FreeBSD$");
 
 /* OSD (Object Specific Data) */
 
+/*
+ * Lock key:
+ *  (m) osd_module_lock
+ *  (o) osd_object_lock
+ *  (l) osd_list_lock
+ */
+struct osd_master {
+   struct sxosd_module_lock;
+   struct rmlockosd_object_lock;
+   struct mtx   osd_list_lock;
+   LIST_HEAD(, osd) osd_list;  /* (m) */
+   osd_destructor_t*osd_destructors;   /* (o) */
+   osd_method_t*osd_methods;   /* (m) */
+   u_intosd_ntslots;   /* (m) */
+   const u_int  osd_nmethods;
+};
+
 static MALLOC_DEFINE(M_OSD, "osd", "Object Specific Data");
 
 static int osd_debug = 0;
@@ -61,25 +78,12 @@ static void do_osd_del(u_int type, struc
 int list_locked);
 
 /*
- * Lists of objects with OSD.
- *
- * Lock key:
- *  (m) osd_module_lock
- *  (o) osd_object_lock
- *  (l) osd_list_lock
+ * List of objects with OSD.
  */
-static LIST_HEAD(, osd)osd_list[OSD_LAST + 1]; /* (m) */
-static osd_method_t *osd_methods[OSD_LAST + 1];/* (m) */
-static u_int osd_nslots[OSD_LAST + 1]; /* (m) */
-static osd_destructor_t *osd_destructors[OSD_LAST + 1];/* (o) */
-static const u_int osd_nmethods[OSD_LAST + 1] = {
-   [OSD_JAIL] = PR_MAXMETHOD,
+struct osd_master osdm[OSD_LAST + 1] = {
+   [OSD_JAIL] = { .osd_nmethods = PR_MAXMETHOD },
 };
 
-static struct sx osd_module_lock[OSD_LAST + 1];
-static struct rmlock osd_object_lock[OSD_LAST + 1];
-static struct mtx osd_list_lock[OSD_LAST + 1];
-
 static void
 osd_default_destructor(void *value __unused)
 {
@@ -101,12 +105,12 @@ osd_register(u_int type, osd_destructor_
if (destructor == NULL)
destructor = osd_default_destructor;
 
-   sx_xlock(_module_lock[type]);
+   sx_xlock([type].osd_module_lock);
/*
 * First, we try to find unused slot.
 */
-   for (i = 0; i < osd_nslots[type]; i++) {
-   if (osd_destructors[type][i] == NULL) {
+   for (i = 0; i < osdm[type].osd_ntslots; i++) {
+   if (osdm[type].osd_destructors[i] == NULL) {
OSD_DEBUG("Unused slot found (type=%u, slot=%u).",
type, i);
break;
@@ -115,31 +119,31 @@ osd_register(u_int type, osd_destructor_
/*
 * If no unused slot was found, allocate one.
 */
-   if (i == osd_nslots[type]) {
-   osd_nslots[type]++;
-   if (osd_nmethods[type] != 0)
-   osd_methods[type] = realloc(osd_methods[type],
-   sizeof(osd_method_t) * osd_nslots[type] *
-   osd_nmethods[type], M_OSD, M_WAITOK);
-   newptr = malloc(sizeof(osd_destructor_t) * osd_nslots[type],
-   M_OSD, M_WAITOK);
-   rm_wlock(_object_lock[type]);
-   bcopy(osd_destructors[type], newptr,
+   if (i == osdm[type].osd_ntslots) {
+   osdm[type].osd_ntslots++;
+   if (osdm[type].osd_nmethods != 0)
+   osdm[type].osd_methods = realloc(osdm[type].osd_methods,
+   sizeof(osd_method_t) * osdm[type].osd_ntslots *
+   osdm[type].osd_nmethods, M_OSD, M_WAITOK);
+   newptr = malloc(sizeof(osd_destructor_t) *
+   osdm[type].osd_ntslots, M_OSD, M_WAITOK);
+   rm_wlock([type].osd_object_lock);
+   bcopy(osdm[type].osd_destructors, newptr,
sizeof(osd_destructor_t) * i);
-   free(osd_destructors[type], M_OSD);
-   osd_destructors[type] = newptr;
-   rm_wunlock(_object_lock[type]);
+   free(osdm[type].osd_destructors, M_OSD);
+   osdm[type].osd_destructors = newptr;
+   rm_wunlock([type].osd_object_lock);
OSD_DEBUG("New slot allocated (type=%u, slot=%u).",
type, i + 1);
}
 
-   osd_destructors[type][i] = destructor;
-   if (osd_nmethods[type] != 0) {
-   for (m = 0; m < osd_nmethods[type]; m++)
-   osd_methods[type][i * osd_nmethods[type] + m] =
-   methods != NULL ? methods[m] : NULL;
+   osdm[type].osd_destructors[i] = destructor;
+   if (osdm[type].osd_nmethods != 0) {
+

svn commit: r295468 - in head: lib/libc/sys usr.sbin/jail

2016-02-10 Thread Jamie Gritton 
Author: jamie
Date: Wed Feb 10 14:48:49 2016
New Revision: 295468
URL: https://svnweb.freebsd.org/changeset/base/295468

Log:
  Remove man page references to rndassociates.com, which has been taken over
  by a domain squatter.

Modified:
  head/lib/libc/sys/jail.2
  head/usr.sbin/jail/jail.8
  head/usr.sbin/jail/jail.conf.5

Modified: head/lib/libc/sys/jail.2
==
--- head/lib/libc/sys/jail.2Wed Feb 10 12:14:56 2016(r295467)
+++ head/lib/libc/sys/jail.2Wed Feb 10 14:48:49 2016(r295468)
@@ -405,7 +405,6 @@ system calls appeared in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R Associates
-.Dq Li http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .An James Gritton

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Wed Feb 10 12:14:56 2016(r295467)
+++ head/usr.sbin/jail/jail.8   Wed Feb 10 14:48:49 2016(r295468)
@@ -1260,7 +1260,6 @@ The configuration file was introduced in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R Associates
-.Pa http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .Pp

Modified: head/usr.sbin/jail/jail.conf.5
==
--- head/usr.sbin/jail/jail.conf.5  Wed Feb 10 12:14:56 2016
(r295467)
+++ head/usr.sbin/jail/jail.conf.5  Wed Feb 10 14:48:49 2016
(r295468)
@@ -224,7 +224,6 @@ file was added in
 The jail feature was written by
 .An Poul-Henning Kamp
 for R Associates
-.Pa http://www.rndassociates.com/
 who contributed it to
 .Fx .
 .Pp
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r294964 - stable/10/etc/rc.d

2016-01-27 Thread Jamie Gritton 
Author: jamie
Date: Thu Jan 28 00:41:07 2016
New Revision: 294964
URL: https://svnweb.freebsd.org/changeset/base/294964

Log:
  MFC r294749:
  
Allow the (old rc-style) exec_afterstart jail parameters to start numbering
at 0, like exec_prestart and the others do.  Make param0 optional, i.e.
still look for param1.
  
  PR:   142973

Modified:
  stable/10/etc/rc.d/jail
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/rc.d/jail
==
--- stable/10/etc/rc.d/jail Wed Jan 27 22:56:04 2016(r294963)
+++ stable/10/etc/rc.d/jail Thu Jan 28 00:41:07 2016(r294964)
@@ -32,7 +32,7 @@ need_dad_wait=
 #  Extract value from ${jail_$jv_$name} or ${jail_$name} and
 #  set it to $param.  If not defined, $defval is used.
 #  When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and
-#  $param is set by using +=.
+#  $param is set by using +=.  $num=0 is optional (params may start at 1).
 #  When $num is YN or NY, the value is interpret as boolean.
 extract_var()
 {
@@ -72,7 +72,7 @@ extract_var()
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then 
echo "  $_param += \"$_tmpargs\";"
-   else
+   elif [ $i != 0 ]; then
break;
fi
i=$(($i + 1))
@@ -202,7 +202,7 @@ parse_options()
extract_var $_jv exec_poststop exec.poststop 0 ""
 
echo "  exec.start += \"$_exec_start\";"
-   extract_var $_jv exec_afterstart exec.start 1 ""
+   extract_var $_jv exec_afterstart exec.start 0 ""
echo "  exec.stop = \"$_exec_stop\";"
 
extract_var $_jv consolelog exec.consolelog - \
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r294749 - head/etc/rc.d

2016-01-25 Thread Jamie Gritton 
Author: jamie
Date: Mon Jan 25 22:14:31 2016
New Revision: 294749
URL: https://svnweb.freebsd.org/changeset/base/294749

Log:
  Allow the (old rc-style) exec_afterstart jail parameters to start numbering
  at 0, like exec_prestart and the others do.  Make param0 optional, i.e.
  still look for param1.
  
  PR:   142973
  MFC after:3 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==
--- head/etc/rc.d/jail  Mon Jan 25 22:12:03 2016(r294748)
+++ head/etc/rc.d/jail  Mon Jan 25 22:14:31 2016(r294749)
@@ -32,7 +32,7 @@ need_dad_wait=
 #  Extract value from ${jail_$jv_$name} or ${jail_$name} and
 #  set it to $param.  If not defined, $defval is used.
 #  When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and
-#  $param is set by using +=.
+#  $param is set by using +=.  $num=0 is optional (params may start at 1).
 #  When $num is YN or NY, the value is interpret as boolean.
 extract_var()
 {
@@ -72,7 +72,7 @@ extract_var()
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then 
echo "  $_param += \"$_tmpargs\";"
-   else
+   elif [ $i != 0 ]; then
break;
fi
i=$(($i + 1))
@@ -202,7 +202,7 @@ parse_options()
extract_var $_jv exec_poststop exec.poststop 0 ""
 
echo "  exec.start += \"$_exec_start\";"
-   extract_var $_jv exec_afterstart exec.start 1 ""
+   extract_var $_jv exec_afterstart exec.start 0 ""
echo "  exec.stop = \"$_exec_stop\";"
 
extract_var $_jv consolelog exec.consolelog - \
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r294484 - stable/10/usr.sbin/jail

2016-01-20 Thread Jamie Gritton 
Author: jamie
Date: Thu Jan 21 04:37:16 2016
New Revision: 294484
URL: https://svnweb.freebsd.org/changeset/base/294484

Log:
  MFC r294183:
  
Clear errno before calling getpw*.
  
  MFC r294196:
  
Don't bother checking an ip[46].addr netmask/prefixlen.  This is already
handled by ifconfig, and it was doing it wrong when the paramater included
extra ifconfig options.
  
  PR:   205926

Modified:
  stable/10/usr.sbin/jail/command.c
  stable/10/usr.sbin/jail/config.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.sbin/jail/command.c
==
--- stable/10/usr.sbin/jail/command.c   Thu Jan 21 03:05:03 2016
(r294483)
+++ stable/10/usr.sbin/jail/command.c   Thu Jan 21 04:37:16 2016
(r294484)
@@ -878,6 +878,7 @@ get_user_info(struct cfjail *j, const ch
 {
const struct passwd *pwd;
 
+   errno = 0;
*pwdp = pwd = username ? getpwnam(username) : getpwuid(getuid());
if (pwd == NULL) {
if (errno)

Modified: stable/10/usr.sbin/jail/config.c
==
--- stable/10/usr.sbin/jail/config.cThu Jan 21 03:05:03 2016
(r294483)
+++ stable/10/usr.sbin/jail/config.cThu Jan 21 04:37:16 2016
(r294484)
@@ -454,7 +454,7 @@ check_intparams(struct cfjail *j)
struct addrinfo hints;
struct addrinfo *ai0, *ai;
const char *hostname;
-   int gicode, defif, prefix;
+   int gicode, defif;
 #endif
 #ifdef INET
struct in_addr addr4;
@@ -597,15 +597,7 @@ check_intparams(struct cfjail *j)
strcpy(s->s, cs + 1);
s->len -= cs + 1 - s->s;
}
-   if ((cs = strchr(s->s, '/'))) {
-   prefix = strtol(cs + 1, , 10);
-   if (*ep == '.'
-   ? inet_pton(AF_INET, cs + 1, ) != 1
-   : *ep || prefix < 0 || prefix > 32) {
-   jail_warnx(j,
-   "ip4.addr: bad netmask \"%s\"", cs);
-   error = -1; 
-   }
+   if ((cs = strchr(s->s, '/')) != NULL) {
*cs = '\0';
s->len = cs - s->s;
}
@@ -626,14 +618,7 @@ check_intparams(struct cfjail *j)
strcpy(s->s, cs + 1);
s->len -= cs + 1 - s->s;
}
-   if ((cs = strchr(s->s, '/'))) {
-   prefix = strtol(cs + 1, , 10);
-   if (*ep || prefix < 0 || prefix > 128) {
-   jail_warnx(j,
-   "ip6.addr: bad prefixlen \"%s\"",
-   cs);
-   error = -1; 
-   }
+   if ((cs = strchr(s->s, '/')) != NULL) {
*cs = '\0';
s->len = cs - s->s;
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r294196 - head/usr.sbin/jail

2016-01-16 Thread Jamie Gritton 
Author: jamie
Date: Sat Jan 16 22:32:57 2016
New Revision: 294196
URL: https://svnweb.freebsd.org/changeset/base/294196

Log:
  Don't bother checking an ip[46].addr netmask/prefixlen.  This is already
  handled by ifconfig, and it was doing it wrong when the paramater included
  extra ifconfig options.
  
  PR:   205926
  MFC after:5 days

Modified:
  head/usr.sbin/jail/config.c

Modified: head/usr.sbin/jail/config.c
==
--- head/usr.sbin/jail/config.c Sat Jan 16 21:24:12 2016(r294195)
+++ head/usr.sbin/jail/config.c Sat Jan 16 22:32:57 2016(r294196)
@@ -454,7 +454,7 @@ check_intparams(struct cfjail *j)
struct addrinfo hints;
struct addrinfo *ai0, *ai;
const char *hostname;
-   int gicode, defif, prefix;
+   int gicode, defif;
 #endif
 #ifdef INET
struct in_addr addr4;
@@ -597,15 +597,7 @@ check_intparams(struct cfjail *j)
strcpy(s->s, cs + 1);
s->len -= cs + 1 - s->s;
}
-   if ((cs = strchr(s->s, '/'))) {
-   prefix = strtol(cs + 1, , 10);
-   if (*ep == '.'
-   ? inet_pton(AF_INET, cs + 1, ) != 1
-   : *ep || prefix < 0 || prefix > 32) {
-   jail_warnx(j,
-   "ip4.addr: bad netmask \"%s\"", cs);
-   error = -1; 
-   }
+   if ((cs = strchr(s->s, '/')) != NULL) {
*cs = '\0';
s->len = cs - s->s;
}
@@ -626,14 +618,7 @@ check_intparams(struct cfjail *j)
strcpy(s->s, cs + 1);
s->len -= cs + 1 - s->s;
}
-   if ((cs = strchr(s->s, '/'))) {
-   prefix = strtol(cs + 1, , 10);
-   if (*ep || prefix < 0 || prefix > 128) {
-   jail_warnx(j,
-   "ip6.addr: bad prefixlen \"%s\"",
-   cs);
-   error = -1; 
-   }
+   if ((cs = strchr(s->s, '/')) != NULL) {
*cs = '\0';
s->len = cs - s->s;
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r294183 - head/usr.sbin/jail

2016-01-16 Thread Jamie Gritton 
Author: jamie
Date: Sat Jan 16 18:13:28 2016
New Revision: 294183
URL: https://svnweb.freebsd.org/changeset/base/294183

Log:
  Clear errno before calling getpw*.

Modified:
  head/usr.sbin/jail/command.c

Modified: head/usr.sbin/jail/command.c
==
--- head/usr.sbin/jail/command.cSat Jan 16 18:11:17 2016
(r294182)
+++ head/usr.sbin/jail/command.cSat Jan 16 18:13:28 2016
(r294183)
@@ -877,6 +877,7 @@ get_user_info(struct cfjail *j, const ch
 {
const struct passwd *pwd;
 
+   errno = 0;
*pwdp = pwd = username ? getpwnam(username) : getpwuid(getuid());
if (pwd == NULL) {
if (errno)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r292967 - stable/10/etc/rc.d

2015-12-30 Thread Jamie Gritton 
Author: jamie
Date: Thu Dec 31 01:24:16 2015
New Revision: 292967
URL: https://svnweb.freebsd.org/changeset/base/292967

Log:
  MFC r292759:
  
Let old-style (shell-based) jail configuration handle jail names that
contain characters not allowed in a shell variable (such as "-").
These will be replaced by an underscore in jail config variables,
e.g. for jail "foo-bar" you would set "jail_foo_bar_hostname".
  
This is separate from the current code that changes the jail names
if they contain "." or "/".  It also doesn't apply to jails defined
in a jail.conf file.
  
  PR:   191181

Modified:
  stable/10/etc/rc.d/jail
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/rc.d/jail
==
--- stable/10/etc/rc.d/jail Wed Dec 30 23:27:24 2015(r292966)
+++ stable/10/etc/rc.d/jail Thu Dec 31 01:24:16 2015(r292967)
@@ -28,16 +28,16 @@ extra_commands="config console status"
 
 need_dad_wait=
 
-# extract_var jail name param num defval
-#  Extract value from ${jail_$jail_$name} or ${jail_$name} and
+# extract_var jv name param num defval
+#  Extract value from ${jail_$jv_$name} or ${jail_$name} and
 #  set it to $param.  If not defined, $defval is used.
-#  When $num is [0-9]*, ${jail_$jail_$name$num} are looked up and
+#  When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and
 #  $param is set by using +=.
 #  When $num is YN or NY, the value is interpret as boolean.
 extract_var()
 {
-   local i _j _name _param _num _def _name1 _name2
-   _j=$1
+   local i _jv _name _param _num _def _name1 _name2
+   _jv=$1
_name=$2
_param=$3
_num=$4
@@ -45,7 +45,7 @@ extract_var()
 
case $_num in
YN)
-   _name1=jail_${_j}_${_name}
+   _name1=jail_${_jv}_${_name}
_name2=jail_${_name}
eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\"
if checkyesno $_name1; then
@@ -55,7 +55,7 @@ extract_var()
fi
;;
NY)
-   _name1=jail_${_j}_${_name}
+   _name1=jail_${_jv}_${_name}
_name2=jail_${_name}
eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\"
if checkyesno $_name1; then
@@ -67,7 +67,7 @@ extract_var()
[0-9]*)
i=$_num
while : ; do
-   _name1=jail_${_j}_${_name}${i}
+   _name1=jail_${_jv}_${_name}${i}
_name2=jail_${_name}${i}
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then 
@@ -79,7 +79,7 @@ extract_var()
done
;;
*)
-   _name1=jail_${_j}_${_name}
+   _name1=jail_${_jv}_${_name}
_name2=jail_${_name}
eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
if [ -n "$_tmpargs" ]; then
@@ -89,22 +89,23 @@ extract_var()
esac
 }
 
-# parse_options _j
+# parse_options _j _jv
 #  Parse options and create a temporary configuration file if necessary.
 #
 parse_options()
 {
-   local _j _p
+   local _j _jv _p
_j=$1
+   _jv=$2
 
_confwarn=0
if [ -z "$_j" ]; then
warn "parse_options: you must specify a jail"
return
fi
-   eval _jconf=\"\${jail_${_j}_conf:-/etc/jail.${_j}.conf}\"
-   eval _rootdir=\"\$jail_${_j}_rootdir\"
-   eval _hostname=\"\$jail_${_j}_hostname\"
+   eval _jconf=\"\${jail_${_jv}_conf:-/etc/jail.${_j}.conf}\"
+   eval _rootdir=\"\$jail_${_jv}_rootdir\"
+   eval _hostname=\"\$jail_${_jv}_hostname\"
if [ -z "$_rootdir" -o \
 -z "$_hostname" ]; then
if [ -r "$_jconf" ]; then
@@ -120,7 +121,7 @@ parse_options()
fi
return 1
fi
-   eval _ip=\"\$jail_${_j}_ip\"
+   eval _ip=\"\$jail_${_jv}_ip\"
if [ -z "$_ip" ] && ! check_kern_features vimage; then
warn "no ipaddress specified and no vimage support.  " \
"Jail $_j was ignored."
@@ -138,10 +139,10 @@ parse_options()
fi
/usr/bin/install -m 0644 -o root -g wheel /dev/null $_conf || return 1
 
-   eval : \${jail_${_j}_flags:=${jail_flags}}
-   eval _exec=\"\$jail_${_j}_exec\"
-   eval _exec_start=\"\$jail_${_j}_exec_start\"
-   eval _exec_stop=\"\$jail_${_j}_exec_stop\"
+   eval : \${jail_${_jv}_flags:=${jail_flags}}
+   eval _exec=\"\$jail_${_jv}_exec\"
+   eval _exec_start=\"\$jail_${_jv}_exec_start\"
+   eval _exec_stop=\"\$jail_${_jv}_exec_stop\"
if [ -n "${_exec}" ]; then
#   simple/backward-compatible execution
_exec_start="${_exec}"
@@ -155,20 +156,20 @@ parse_options()

  1   2   3   >