svn commit: r368676 - head/usr.sbin/jls
Author: jamie Date: Tue Dec 15 20:56:35 2020 New Revision: 368676 URL: https://svnweb.freebsd.org/changeset/base/368676 Log: Bugfix to not hide jailparam flags, which for example changes the output "vnet=2" to the less opaque "vnet=inherit" Reported by: kevans MFC after:5 days Modified: head/usr.sbin/jls/jls.c Modified: head/usr.sbin/jls/jls.c == --- head/usr.sbin/jls/jls.c Tue Dec 15 20:02:40 2020(r368675) +++ head/usr.sbin/jls/jls.c Tue Dec 15 20:56:35 2020(r368676) @@ -323,7 +323,7 @@ add_param(const char *name, void *value, size_t valuel } xo_errx(1, "%s", jail_errmsg); } - param->jp_flags = flags; + param->jp_flags |= flags; return param - params; } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r365321 - stable/12/sys/sys
Author: jamie Date: Fri Sep 4 00:24:31 2020 New Revision: 365321 URL: https://svnweb.freebsd.org/changeset/base/365321 Log: MFC r364970: Add __BEGIN_DECLS to jail.h to keep C++ happy. PR: 238928 Reported by: yuri@ Modified: stable/12/sys/sys/jail.h Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/sys/jail.h == --- stable/12/sys/sys/jail.hFri Sep 4 00:22:24 2020(r365320) +++ stable/12/sys/sys/jail.hFri Sep 4 00:24:31 2020(r365321) @@ -110,11 +110,13 @@ struct xprison { struct iovec; +__BEGIN_DECLS int jail(struct jail *); int jail_set(struct iovec *, unsigned int, int); int jail_get(struct iovec *, unsigned int, int); int jail_attach(int); int jail_remove(int); +__END_DECLS #else /* _KERNEL */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r365320 - stable/12/usr.sbin/jail
Author: jamie Date: Fri Sep 4 00:22:24 2020 New Revision: 365320 URL: https://svnweb.freebsd.org/changeset/base/365320 Log: MFC r364850: Don't allow jail.conf variables to have the same names as jail parameters. It was already not allowed in many cases, but crashed instead of giving an error. PR: 248444 Modified: stable/12/usr.sbin/jail/config.c Directory Properties: stable/12/ (props changed) Modified: stable/12/usr.sbin/jail/config.c == --- stable/12/usr.sbin/jail/config.cFri Sep 4 00:12:28 2020 (r365319) +++ stable/12/usr.sbin/jail/config.cFri Sep 4 00:22:24 2020 (r365320) @@ -366,8 +366,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e break; if (dp != NULL) { /* Found it - append or replace. */ + if ((flags ^ dp->flags) & PF_VAR) { + jail_warnx(j, "variable \"$%s\" cannot have the same " + "name as a parameter.", name); + return; + } if (dp->flags & PF_IMMUTABLE) { - jail_warnx(j, "cannot redefine variable \"%s\".", + jail_warnx(j, "cannot redefine parameter \"%s\".", dp->name); return; } @@ -394,6 +399,14 @@ add_param(struct cfjail *j, const struct cfparam *p, e for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++) if (!(intparams[ipnum].flags & PF_CONV) && equalopts(name, intparams[ipnum].name)) { + if (flags & PF_VAR) { + jail_warnx(j, + "variable \"$%s\" " + "cannot have the same " + "name as a parameter.", + name); + return; + } j->intparams[ipnum] = np; np->flags |= intparams[ipnum].flags; break; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r364970 - head/sys/sys
Author: jamie Date: Sat Aug 29 22:24:41 2020 New Revision: 364970 URL: https://svnweb.freebsd.org/changeset/base/364970 Log: Add __BEGIN_DECLS to jail.h to keep C++ happy. PR: 238928 Reported by: yuri@ Modified: head/sys/sys/jail.h Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Sat Aug 29 22:09:36 2020(r364969) +++ head/sys/sys/jail.h Sat Aug 29 22:24:41 2020(r364970) @@ -110,11 +110,13 @@ struct xprison { struct iovec; +__BEGIN_DECLS int jail(struct jail *); int jail_set(struct iovec *, unsigned int, int); int jail_get(struct iovec *, unsigned int, int); int jail_attach(int); int jail_remove(int); +__END_DECLS #else /* _KERNEL */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r364969 - stable/12/sys/kern
Author: jamie Date: Sat Aug 29 22:09:36 2020 New Revision: 364969 URL: https://svnweb.freebsd.org/changeset/base/364969 Log: Fix a null dereference when debug.disablefullpath=1 and jail created with path=/. PR: 214881 Submitted by: aler (at) playground.ru Reported by: aler (at) playground.ru Modified: stable/12/sys/kern/kern_jail.c Modified: stable/12/sys/kern/kern_jail.c == --- stable/12/sys/kern/kern_jail.c Sat Aug 29 21:47:49 2020 (r364968) +++ stable/12/sys/kern/kern_jail.c Sat Aug 29 22:09:36 2020 (r364969) @@ -943,40 +943,45 @@ kern_jail_set(struct thread *td, struct uio *optuio, i error = EINVAL; goto done_free; } - NDINIT(, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, - path, td); - error = namei(); - if (error) - goto done_free; - root = nd.ni_vp; - NDFREE(, NDF_ONLY_PNBUF); - g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); - strlcpy(g_path, path, MAXPATHLEN); - error = vn_path_to_global_path(td, root, g_path, MAXPATHLEN); - if (error == 0) - path = g_path; - else if (error == ENODEV) { - /* proceed if sysctl debug.disablefullpath == 1 */ - fullpath_disabled = 1; - if (len < 2 || (len == 2 && path[0] == '/')) - path = NULL; - } else { - /* exit on other errors */ - goto done_free; - } - if (root->v_type != VDIR) { - error = ENOTDIR; - vput(root); - goto done_free; - } - VOP_UNLOCK(root, 0); - if (fullpath_disabled) { - /* Leave room for a real-root full pathname. */ - if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/") - ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) { - error = ENAMETOOLONG; - vrele(root); + if (len < 2 || (len == 2 && path[0] == '/')) + path = NULL; + else + { + NDINIT(, LOOKUP, FOLLOW | LOCKLEAF, UIO_SYSSPACE, + path, td); + error = namei(); + if (error) goto done_free; + root = nd.ni_vp; + NDFREE(, NDF_ONLY_PNBUF); + g_path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); + strlcpy(g_path, path, MAXPATHLEN); + error = vn_path_to_global_path(td, root, g_path, + MAXPATHLEN); + if (error == 0) + path = g_path; + else if (error == ENODEV) { + /* means sysctl debug.disablefullpath == 1 */ + fullpath_disabled = 1; + } else { + /* exit on other errors */ + goto done_free; + } + if (root->v_type != VDIR) { + error = ENOTDIR; + vput(root); + goto done_free; + } + VOP_UNLOCK(root, 0); + if (fullpath_disabled) { + /* Leave room for a real-root full pathname. */ + if (len + (path[0] == '/' && + strcmp(mypr->pr_path, "/") + ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) { + error = ENAMETOOLONG; + vrele(root); + goto done_free; + } } } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r364874 - head/usr.sbin/jail
Author: jamie Date: Thu Aug 27 17:04:55 2020 New Revision: 364874 URL: https://svnweb.freebsd.org/changeset/base/364874 Log: Disregard jails in jail.conf that have bad parameters (parameter/variable clash, or redefining name/jid). The current behvaior, of merely warning and moving on, can lead to unexpected behavior when a jail is created without the offending parameter defined at all. Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu Aug 27 16:36:07 2020(r364873) +++ head/usr.sbin/jail/config.c Thu Aug 27 17:04:55 2020(r364874) @@ -369,11 +369,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e if ((flags ^ dp->flags) & PF_VAR) { jail_warnx(j, "variable \"$%s\" cannot have the same " "name as a parameter.", name); + j->flags |= JF_FAILED; return; } if (dp->flags & PF_IMMUTABLE) { jail_warnx(j, "cannot redefine parameter \"%s\".", dp->name); + j->flags |= JF_FAILED; return; } if (strcmp(dp->name, name)) { @@ -405,6 +407,7 @@ add_param(struct cfjail *j, const struct cfparam *p, e "cannot have the same " "name as a parameter.", name); + j->flags |= JF_FAILED; return; } j->intparams[ipnum] = np; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r364850 - head/usr.sbin/jail
Author: jamie Date: Thu Aug 27 00:17:17 2020 New Revision: 364850 URL: https://svnweb.freebsd.org/changeset/base/364850 Log: Don't allow jail.conf variables to have the same names as jail parameters. It was already not allowed in many cases, but crashed instead of giving an error. PR: 248444 Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Wed Aug 26 23:41:46 2020(r364849) +++ head/usr.sbin/jail/config.c Thu Aug 27 00:17:17 2020(r364850) @@ -366,8 +366,13 @@ add_param(struct cfjail *j, const struct cfparam *p, e break; if (dp != NULL) { /* Found it - append or replace. */ + if ((flags ^ dp->flags) & PF_VAR) { + jail_warnx(j, "variable \"$%s\" cannot have the same " + "name as a parameter.", name); + return; + } if (dp->flags & PF_IMMUTABLE) { - jail_warnx(j, "cannot redefine variable \"%s\".", + jail_warnx(j, "cannot redefine parameter \"%s\".", dp->name); return; } @@ -394,6 +399,14 @@ add_param(struct cfjail *j, const struct cfparam *p, e for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++) if (!(intparams[ipnum].flags & PF_CONV) && equalopts(name, intparams[ipnum].name)) { + if (flags & PF_VAR) { + jail_warnx(j, + "variable \"$%s\" " + "cannot have the same " + "name as a parameter.", + name); + return; + } j->intparams[ipnum] = np; np->flags |= intparams[ipnum].flags; break; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r364828 - head/usr.sbin/jail
Author: jamie Date: Wed Aug 26 18:35:32 2020 New Revision: 364828 URL: https://svnweb.freebsd.org/changeset/base/364828 Log: Back out r364791 to unbreak jails. Lesson learned: "compile and test" means running the test on the same executable that you just compiled. PR: 248444 Pointy hat to:jamie Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Wed Aug 26 17:52:32 2020(r364827) +++ head/usr.sbin/jail/config.c Wed Aug 26 18:35:32 2020(r364828) @@ -393,8 +393,7 @@ add_param(struct cfjail *j, const struct cfparam *p, e else for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++) if (!(intparams[ipnum].flags & PF_CONV) && - equalopts(name, intparams[ipnum].name) && - !(p->flags & PF_VAR)) { + equalopts(name, intparams[ipnum].name)) { j->intparams[ipnum] = np; np->flags |= intparams[ipnum].flags; break; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r364791 - head/usr.sbin/jail
Author: jamie Date: Wed Aug 26 00:42:59 2020 New Revision: 364791 URL: https://svnweb.freebsd.org/changeset/base/364791 Log: Handle jail.conf variables that have the same names as parameters. PR: 248444 Submitted by: Akos Somfai Reported by: Markus Stoff Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Wed Aug 26 00:31:59 2020(r364790) +++ head/usr.sbin/jail/config.c Wed Aug 26 00:42:59 2020(r364791) @@ -393,7 +393,8 @@ add_param(struct cfjail *j, const struct cfparam *p, e else for (ipnum = IP__NULL + 1; ipnum < IP_NPARAM; ipnum++) if (!(intparams[ipnum].flags & PF_CONV) && - equalopts(name, intparams[ipnum].name)) { + equalopts(name, intparams[ipnum].name) && + !(p->flags & PF_VAR)) { j->intparams[ipnum] = np; np->flags |= intparams[ipnum].flags; break; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r349180 - stable/12/usr.sbin/jail
Author: jamie Date: Tue Jun 18 23:49:13 2019 New Revision: 349180 URL: https://svnweb.freebsd.org/changeset/base/349180 Log: Unmount filesystems on jail removal with "-f", to get around a situation where the jail root vnode reference is stopping the filesystem from unmounting, when the jail is removed by still exists in a dying state. PR: 238517 Reported by: matthias at harz.de Modified: stable/12/usr.sbin/jail/command.c Modified: stable/12/usr.sbin/jail/command.c == --- stable/12/usr.sbin/jail/command.c Tue Jun 18 22:00:38 2019 (r349179) +++ stable/12/usr.sbin/jail/command.c Tue Jun 18 23:49:13 2019 (r349180) @@ -475,6 +475,7 @@ run_command(struct cfjail *j) if (down) { argv[4] = NULL; argv[3] = argv[1]; + argv[1] = "-ft"; argv[0] = "/sbin/umount"; } else { if (argc == 4) { @@ -488,9 +489,9 @@ run_command(struct cfjail *j) argv[4] = argv[1]; argv[3] = argv[0]; } + argv[1] = "-t"; argv[0] = _PATH_MOUNT; } - argv[1] = "-t"; break; case IP_MOUNT_DEVFS: ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r341084 - in head: sys/kern sys/sys usr.sbin/jail
Author: jamie Date: Tue Nov 27 17:51:50 2018 New Revision: 341084 URL: https://svnweb.freebsd.org/changeset/base/341084 Log: In hardened systems, where the security.bsd.unprivileged_proc_debug sysctl node is set, allow setting security.bsd.unprivileged_proc_debug per-jail. In part, this is needed to create jails in which the Address Sanitizer (ASAN) fully works as ASAN utilizes libkvm to inspect the virtual address space. Instead of having to allow unprivileged process debugging for the entire system, allow setting it on a per-jail basis. The sysctl node is still security.bsd.unprivileged_proc_debug and the jail(8) param is allow.unprivileged_proc_debug. The sysctl code is now a sysctl proc rather than a sysctl int. This allows us to determine setting the flag for the corresponding jail (or prison0). As part of the change, the dynamic allow.* API needed to be modified to take into account pr_allow flags which may now be disabled in prison0. This prevents conflicts with new pr_allow flags (like that of vmm(4)) that are added (and removed) dynamically. Also teach the jail creation KPI to allow differences for certain pr_allow flags between the parent and child jail. This can happen when unprivileged process debugging is disabled in the parent prison, but enabled in the child. Submitted by: Shawn Webb Obtained from:HardenedBSD (45b3625edba0f73b3e3890b1ec3d0d1e95fd47e1, deba0b5078cef0faae43cbdafed3035b16587afc, ab21eeb3b4c72f2500987c96ff603ccf3b6e7de8) Relnotes: yes Sponsored by: HardenedBSD and G2, Inc Differential Revision:https://reviews.freebsd.org/D18319 Modified: head/sys/kern/kern_jail.c head/sys/kern/kern_priv.c head/sys/kern/kern_prot.c head/sys/sys/jail.h head/usr.sbin/jail/jail.8 Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Tue Nov 27 17:10:00 2018(r341083) +++ head/sys/kern/kern_jail.c Tue Nov 27 17:51:50 2018(r341084) @@ -194,10 +194,14 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = {"allow.reserved_ports", "allow.noreserved_ports", PR_ALLOW_RESERVED_PORTS}, {"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF}, + {"allow.unprivileged_proc_debug", "allow.nounprivileged_proc_debug", +PR_ALLOW_UNPRIV_DEBUG}, }; const size_t pr_flag_allow_size = sizeof(pr_flag_allow); -#defineJAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | PR_ALLOW_RESERVED_PORTS) +#defineJAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | \ +PR_ALLOW_RESERVED_PORTS | \ +PR_ALLOW_UNPRIV_DEBUG) #defineJAIL_DEFAULT_ENFORCE_STATFS 2 #defineJAIL_DEFAULT_DEVFS_RSNUM0 static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW; @@ -498,6 +502,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, i int ip6s, redo_ip6; #endif uint64_t pr_allow, ch_allow, pr_flags, ch_flags; + uint64_t pr_allow_diff; unsigned tallow; char numbuf[12]; @@ -1530,7 +1535,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, i } } } - if (pr_allow & ~ppr->pr_allow) { + pr_allow_diff = pr_allow & ~ppr->pr_allow; + if (pr_allow_diff & ~PR_ALLOW_DIFFERENCES) { error = EPERM; goto done_deref_locked; } @@ -3783,6 +3789,8 @@ SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT "B", "Jail may bind sockets to reserved ports"); SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW, "B", "Jail may read the kernel message buffer"); +SYSCTL_JAIL_PARAM(_allow, unprivileged_proc_debug, CTLTYPE_INT | CTLFLAG_RW, +"B", "Unprivileged processes may use process debugging facilities"); SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags"); SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW, @@ -3834,10 +3842,16 @@ prison_add_allow(const char *prefix, const char *name, * Find a free bit in prison0's pr_allow, failing if there are none * (which shouldn't happen as long as we keep track of how many * potential dynamic flags exist). +* +* Due to per-jail unprivileged process debugging support +* using pr_allow, also verify against PR_ALLOW_ALL_STATIC. +* prison0 may have unprivileged process debugging unset. */ for (allow_flag = 1;; allow_flag <<= 1) { if (allow_flag == 0) goto no_add; + if (allow_flag & PR_ALLOW_ALL_STATIC) + continue; if ((prison0.pr_allow & allow_flag) == 0) break; } Modified: head/sys/kern/kern_priv.c
svn commit: r339446 - in stable/11: sys/kern sys/sys usr.sbin/jail
Author: jamie Date: Sat Oct 20 16:20:36 2018 New Revision: 339446 URL: https://svnweb.freebsd.org/changeset/base/339446 Log: MFC r339409, r339420: Add a new jail permission, allow.read_msgbuf. When true, jailed processes can see the dmesg buffer (this is the current behavior). When false (the new default), dmesg will be unavailable to jailed users, whether root or not. The security.bsd.unprivileged_read_msgbuf sysctl still works as before, controlling system-wide whether non-root users can see the buffer. PR: 211580 Submitted by: bz Modified: stable/11/sys/kern/kern_jail.c stable/11/sys/kern/kern_priv.c stable/11/sys/kern/subr_prf.c stable/11/sys/sys/jail.h stable/11/usr.sbin/jail/jail.8 Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/kern/kern_jail.c == --- stable/11/sys/kern/kern_jail.c Fri Oct 19 10:05:02 2018 (r339445) +++ stable/11/sys/kern/kern_jail.c Sat Oct 20 16:20:36 2018 (r339446) @@ -200,6 +200,7 @@ static char *pr_allow_names[] = { "allow.mount.fdescfs", "allow.mount.linprocfs", "allow.mount.linsysfs", + "allow.read_msgbuf", }; const size_t pr_allow_names_size = sizeof(pr_allow_names); @@ -219,6 +220,7 @@ static char *pr_allow_nonames[] = { "allow.mount.nofdescfs", "allow.mount.nolinprocfs", "allow.mount.nolinsysfs", + "allow.noread_msgbuf", }; const size_t pr_allow_nonames_size = sizeof(pr_allow_nonames); @@ -3348,6 +3350,15 @@ prison_priv_check(struct ucred *cred, int priv) case PRIV_PROC_SETLOGINCLASS: return (0); + /* +* Do not allow a process inside a jail to read the kernel +* message buffer unless explicitly permitted. +*/ + case PRIV_MSGBUF: + if (cred->cr_prison->pr_allow & PR_ALLOW_READ_MSGBUF) + return (0); + return (EPERM); + default: /* * In all remaining cases, deny the privilege request. This @@ -3796,6 +3807,8 @@ SYSCTL_JAIL_PARAM(_allow, quotas, CTLTYPE_INT | CTLFLA "B", "Jail may set file quotas"); SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW, "B", "Jail may create sockets other than just UNIX/IPv4/IPv6/route"); +SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW, +"B", "Jail may read the kernel message buffer"); SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags"); SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW, Modified: stable/11/sys/kern/kern_priv.c == --- stable/11/sys/kern/kern_priv.c Fri Oct 19 10:05:02 2018 (r339445) +++ stable/11/sys/kern/kern_priv.c Sat Oct 20 16:20:36 2018 (r339446) @@ -60,6 +60,11 @@ static int unprivileged_mlock = 1; SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN, _mlock, 0, "Allow non-root users to call mlock(2)"); +static int unprivileged_read_msgbuf = 1; +SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf, +CTLFLAG_RW, _read_msgbuf, 0, +"Unprivileged processes may read the kernel message buffer"); + SDT_PROVIDER_DEFINE(priv); SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__ok, "int"); SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__err, "int"); @@ -102,6 +107,17 @@ priv_check_cred(struct ucred *cred, int priv, int flag switch (priv) { case PRIV_VM_MLOCK: case PRIV_VM_MUNLOCK: + error = 0; + goto out; + } + } + + if (unprivileged_read_msgbuf) { + /* +* Allow an unprivileged user to read the kernel message +* buffer. +*/ + if (priv == PRIV_MSGBUF) { error = 0; goto out; } Modified: stable/11/sys/kern/subr_prf.c == --- stable/11/sys/kern/subr_prf.c Fri Oct 19 10:05:02 2018 (r339445) +++ stable/11/sys/kern/subr_prf.c Sat Oct 20 16:20:36 2018 (r339446) @@ -1042,11 +1042,6 @@ msgbufinit(void *ptr, int size) oldp = msgbufp; } -static int unprivileged_read_msgbuf = 1; -SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf, -CTLFLAG_RW, _read_msgbuf, 0, -"Unprivileged processes may read the kernel message buffer"); - /* Sysctls for accessing/clearing the msgbuf */ static int sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS) @@ -1055,11 +1050,9 @@ sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS) u_int seq; int error, len; - if (!unprivileged_read_msgbuf) { -
svn commit: r339420 - in head: sys/kern usr.sbin/jail
Author: jamie Date: Thu Oct 18 15:02:57 2018 New Revision: 339420 URL: https://svnweb.freebsd.org/changeset/base/339420 Log: Fix typos from r339409. Reported by: maxim Approved by: re (gjb) Modified: head/sys/kern/kern_jail.c head/usr.sbin/jail/jail.8 Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Oct 18 14:20:15 2018(r339419) +++ head/sys/kern/kern_jail.c Thu Oct 18 15:02:57 2018(r339420) @@ -3352,7 +3352,7 @@ prison_priv_check(struct ucred *cred, int priv) return (0); /* -* Do not allow a process inside a jail read the kernel +* Do not allow a process inside a jail to read the kernel * message buffer unless explicitly permitted. */ case PRIV_MSGBUF: Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Thu Oct 18 14:20:15 2018(r339419) +++ head/usr.sbin/jail/jail.8 Thu Oct 18 15:02:57 2018(r339420) @@ -553,7 +553,7 @@ with non-jailed parts of the system. Jailed users may read the kernel message buffer. If the .Va security.bsd.unprivileged_read_msgbuf -MIB entry is zero, this will be restricted to to root user. +MIB entry is zero, this will be restricted to the root user. .It Va allow.socket_af Sockets within a jail are normally restricted to IPv4, IPv6, local (UNIX), and route. This allows access to other protocol stacks that ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r339411 - stable/11/sys/kern
Author: jamie Date: Wed Oct 17 16:17:57 2018 New Revision: 339411 URL: https://svnweb.freebsd.org/changeset/base/339411 Log: MFC r339211: Fix the test prohibiting jails from sharing IP addresses. It's not supposed to be legal for two jails to contain the same IP address, unless both jails contain only that one address. This is the behavior documented in jail(8), and is there to prevent confusion when multiple jails are listening on IADDR_ANY. VIMAGE jails (now the default for GENERIC kernels) test this correctly, but non-VIMAGE jails have been performing an incomplete test when nested jails are used. Modified: stable/11/sys/kern/kern_jail.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/kern/kern_jail.c == --- stable/11/sys/kern/kern_jail.c Wed Oct 17 16:17:56 2018 (r339410) +++ stable/11/sys/kern/kern_jail.c Wed Oct 17 16:17:57 2018 (r339411) @@ -1411,11 +1411,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i * there is a duplicate on a jail with more than one * IP stop checking and return error. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != tppr = tppr->pr_parent) + for (tppr = ppr; tppr != tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || @@ -1478,11 +1479,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i } } /* Check for conflicting IP addresses. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != tppr = tppr->pr_parent) + for (tppr = ppr; tppr != tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r339410 - stable/10/sys/kern
Author: jamie Date: Wed Oct 17 16:17:56 2018 New Revision: 339410 URL: https://svnweb.freebsd.org/changeset/base/339410 Log: MFC r339211: Fix the test prohibiting jails from sharing IP addresses. It's not supposed to be legal for two jails to contain the same IP address, unless both jails contain only that one address. This is the behavior documented in jail(8), and is there to prevent confusion when multiple jails are listening on IADDR_ANY. VIMAGE jails (now the default for GENERIC kernels) test this correctly, but non-VIMAGE jails have been performing an incomplete test when nested jails are used. Modified: stable/10/sys/kern/kern_jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Wed Oct 17 16:11:43 2018 (r339409) +++ stable/10/sys/kern/kern_jail.c Wed Oct 17 16:17:56 2018 (r339410) @@ -1478,11 +1478,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i * there is a duplicate on a jail with more than one * IP stop checking and return error. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != tppr = tppr->pr_parent) + for (tppr = ppr; tppr != tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || @@ -1544,11 +1545,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i } } /* Check for conflicting IP addresses. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != tppr = tppr->pr_parent) + for (tppr = ppr; tppr != tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r339409 - in head: sys/kern sys/sys usr.sbin/jail
Author: jamie Date: Wed Oct 17 16:11:43 2018 New Revision: 339409 URL: https://svnweb.freebsd.org/changeset/base/339409 Log: Add a new jail permission, allow.read_msgbuf. When true, jailed processes can see the dmesg buffer (this is the current behavior). When false (the new default), dmesg will be unavailable to jailed users, whether root or not. The security.bsd.unprivileged_read_msgbuf sysctl still works as before, controlling system-wide whether non-root users can see the buffer. PR: 211580 Submitted by: bz Approved by: re@ (kib@) MFC after:3 days Modified: head/sys/kern/kern_jail.c head/sys/kern/kern_priv.c head/sys/kern/subr_prf.c head/sys/sys/jail.h head/usr.sbin/jail/jail.8 Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Wed Oct 17 14:51:43 2018(r339408) +++ head/sys/kern/kern_jail.c Wed Oct 17 16:11:43 2018(r339409) @@ -193,6 +193,7 @@ static struct bool_flags pr_flag_allow[NBBY * NBPW] = {"allow.mlock", "allow.nomlock", PR_ALLOW_MLOCK}, {"allow.reserved_ports", "allow.noreserved_ports", PR_ALLOW_RESERVED_PORTS}, + {"allow.read_msgbuf", "allow.noread_msgbuf", PR_ALLOW_READ_MSGBUF}, }; const size_t pr_flag_allow_size = sizeof(pr_flag_allow); @@ -3350,6 +3351,15 @@ prison_priv_check(struct ucred *cred, int priv) case PRIV_PROC_SETLOGINCLASS: return (0); + /* +* Do not allow a process inside a jail read the kernel +* message buffer unless explicitly permitted. +*/ + case PRIV_MSGBUF: + if (cred->cr_prison->pr_allow & PR_ALLOW_READ_MSGBUF) + return (0); + return (EPERM); + default: /* * In all remaining cases, deny the privilege request. This @@ -3770,6 +3780,8 @@ SYSCTL_JAIL_PARAM(_allow, mlock, CTLTYPE_INT | CTLFLAG "B", "Jail may lock (unlock) physical pages in memory"); SYSCTL_JAIL_PARAM(_allow, reserved_ports, CTLTYPE_INT | CTLFLAG_RW, "B", "Jail may bind sockets to reserved ports"); +SYSCTL_JAIL_PARAM(_allow, read_msgbuf, CTLTYPE_INT | CTLFLAG_RW, +"B", "Jail may read the kernel message buffer"); SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags"); SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW, Modified: head/sys/kern/kern_priv.c == --- head/sys/kern/kern_priv.c Wed Oct 17 14:51:43 2018(r339408) +++ head/sys/kern/kern_priv.c Wed Oct 17 16:11:43 2018(r339409) @@ -62,6 +62,11 @@ static int unprivileged_mlock = 1; SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_mlock, CTLFLAG_RWTUN, _mlock, 0, "Allow non-root users to call mlock(2)"); +static int unprivileged_read_msgbuf = 1; +SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf, +CTLFLAG_RW, _read_msgbuf, 0, +"Unprivileged processes may read the kernel message buffer"); + SDT_PROVIDER_DEFINE(priv); SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__ok, "int"); SDT_PROBE_DEFINE1(priv, kernel, priv_check, priv__err, "int"); @@ -104,6 +109,17 @@ priv_check_cred(struct ucred *cred, int priv, int flag switch (priv) { case PRIV_VM_MLOCK: case PRIV_VM_MUNLOCK: + error = 0; + goto out; + } + } + + if (unprivileged_read_msgbuf) { + /* +* Allow an unprivileged user to read the kernel message +* buffer. +*/ + if (priv == PRIV_MSGBUF) { error = 0; goto out; } Modified: head/sys/kern/subr_prf.c == --- head/sys/kern/subr_prf.cWed Oct 17 14:51:43 2018(r339408) +++ head/sys/kern/subr_prf.cWed Oct 17 16:11:43 2018(r339409) @@ -1053,11 +1053,6 @@ msgbufinit(void *ptr, int size) oldp = msgbufp; } -static int unprivileged_read_msgbuf = 1; -SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_read_msgbuf, -CTLFLAG_RW, _read_msgbuf, 0, -"Unprivileged processes may read the kernel message buffer"); - /* Sysctls for accessing/clearing the msgbuf */ static int sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS) @@ -1066,11 +1061,9 @@ sysctl_kern_msgbuf(SYSCTL_HANDLER_ARGS) u_int seq; int error, len; - if (!unprivileged_read_msgbuf) { - error = priv_check(req->td, PRIV_MSGBUF); - if (error) - return (error); - } + error = priv_check(req->td, PRIV_MSGBUF); + if (error) + return (error); /* Read the whole buffer, one chunk at a
svn commit: r339211 - head/sys/kern
Author: jamie Date: Sat Oct 6 02:10:32 2018 New Revision: 339211 URL: https://svnweb.freebsd.org/changeset/base/339211 Log: Fix the test prohibiting jails from sharing IP addresses. It's not supposed to be legal for two jails to contain the same IP address, unless both jails contain only that one address. This is the behavior documented in jail(8), and is there to prevent confusion when multiple jails are listening on IADDR_ANY. VIMAGE jails (now the default for GENERIC kernels) test this correctly, but non-VIMAGE jails have been performing an incomplete test when nested jails are used. Approved by: re@ (kib@) MFC after:5 days Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Fri Oct 5 21:10:03 2018(r339210) +++ head/sys/kern/kern_jail.c Sat Oct 6 02:10:32 2018(r339211) @@ -1393,11 +1393,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i * there is a duplicate on a jail with more than one * IP stop checking and return error. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != tppr = tppr->pr_parent) + for (tppr = ppr; tppr != tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || @@ -1460,11 +1461,12 @@ kern_jail_set(struct thread *td, struct uio *optuio, i } } /* Check for conflicting IP addresses. */ - tppr = ppr; #ifdef VIMAGE - for (; tppr != tppr = tppr->pr_parent) + for (tppr = ppr; tppr != tppr = tppr->pr_parent) if (tppr->pr_flags & PR_VNET) break; +#else + tppr = #endif FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { if (tpr == pr || ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r338091 - stable/10/usr.sbin/jail
Author: jamie Date: Mon Aug 20 05:32:42 2018 New Revision: 338091 URL: https://svnweb.freebsd.org/changeset/base/338091 Log: MFC r337867: Don't let clobber jailparam values when checking for modification of init-only parameters. PR: 230487 Submitted by: Jason Mader Modified: stable/10/usr.sbin/jail/jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/jail.c == --- stable/10/usr.sbin/jail/jail.c Mon Aug 20 05:32:40 2018 (r338090) +++ stable/10/usr.sbin/jail/jail.c Mon Aug 20 05:32:42 2018 (r338091) @@ -800,8 +800,10 @@ rdtun_params(struct cfjail *j, int dofail) exit(1); } for (jp = j->jp; jp < j->jp + j->njp; jp++) - if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) + if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) { *++rtjp = *jp; + rtjp->jp_value = NULL; + } rval = 0; if (jailparam_get(rtparams, nrt, bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) { @@ -812,8 +814,11 @@ rdtun_params(struct cfjail *j, int dofail) jp->jp_valuelen == 0 && *(int *)jp->jp_value) && !(rtjp->jp_valuelen == jp->jp_valuelen && - !memcmp(rtjp->jp_value, jp->jp_value, - jp->jp_valuelen))) { + !((jp->jp_ctltype & CTLTYPE) == + CTLTYPE_STRING ? strncmp(rtjp->jp_value, + jp->jp_value, jp->jp_valuelen) : + memcmp(rtjp->jp_value, jp->jp_value, + jp->jp_valuelen { if (dofail) { jail_warnx(j, "%s cannot be " "changed after creation", ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r338090 - stable/11/usr.sbin/jail
Author: jamie Date: Mon Aug 20 05:32:40 2018 New Revision: 338090 URL: https://svnweb.freebsd.org/changeset/base/338090 Log: MFC r337867: Don't let clobber jailparam values when checking for modification of init-only parameters. PR: 230487 Submitted by: Jason Mader Modified: stable/11/usr.sbin/jail/jail.c Directory Properties: stable/11/ (props changed) Modified: stable/11/usr.sbin/jail/jail.c == --- stable/11/usr.sbin/jail/jail.c Mon Aug 20 04:56:37 2018 (r338089) +++ stable/11/usr.sbin/jail/jail.c Mon Aug 20 05:32:40 2018 (r338090) @@ -802,8 +802,10 @@ rdtun_params(struct cfjail *j, int dofail) exit(1); } for (jp = j->jp; jp < j->jp + j->njp; jp++) - if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) + if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) { *++rtjp = *jp; + rtjp->jp_value = NULL; + } rval = 0; if (jailparam_get(rtparams, nrt, bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) { @@ -814,8 +816,11 @@ rdtun_params(struct cfjail *j, int dofail) jp->jp_valuelen == 0 && *(int *)jp->jp_value) && !(rtjp->jp_valuelen == jp->jp_valuelen && - !memcmp(rtjp->jp_value, jp->jp_value, - jp->jp_valuelen))) { + !((jp->jp_ctltype & CTLTYPE) == + CTLTYPE_STRING ? strncmp(rtjp->jp_value, + jp->jp_value, jp->jp_valuelen) : + memcmp(rtjp->jp_value, jp->jp_value, + jp->jp_valuelen { if (dofail) { jail_warnx(j, "%s cannot be " "changed after creation", ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r337925 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys
Author: jamie Date: Thu Aug 16 19:09:43 2018 New Revision: 337925 URL: https://svnweb.freebsd.org/changeset/base/337925 Log: Revert r337922, except for some documention-only bits. This needs to wait until user is changed to stop using jail(2). Differential Revision:D14791 Modified: head/lib/libc/sys/jail.2 head/sys/compat/freebsd32/freebsd32_misc.c head/sys/compat/freebsd32/freebsd32_proto.h head/sys/compat/freebsd32/freebsd32_syscall.h head/sys/compat/freebsd32/freebsd32_syscalls.c head/sys/compat/freebsd32/freebsd32_sysent.c head/sys/compat/freebsd32/freebsd32_systrace_args.c head/sys/compat/freebsd32/syscalls.master head/sys/kern/init_sysent.c head/sys/kern/kern_jail.c head/sys/kern/syscalls.c head/sys/kern/syscalls.master head/sys/kern/systrace_args.c head/sys/sys/jail.h head/sys/sys/syscall.h head/sys/sys/syscall.mk head/sys/sys/syscallsubr.h head/sys/sys/sysproto.h Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Thu Aug 16 18:58:34 2018(r337924) +++ head/lib/libc/sys/jail.2Thu Aug 16 19:09:43 2018(r337925) @@ -25,10 +25,11 @@ .\" .\" $FreeBSD$ .\" -.Dd August 16, 2018 +.Dd February 8, 2012 .Dt JAIL 2 .Os .Sh NAME +.Nm jail , .Nm jail_get , .Nm jail_set , .Nm jail_remove , @@ -40,6 +41,8 @@ .In sys/param.h .In sys/jail.h .Ft int +.Fn jail "struct jail *jail" +.Ft int .Fn jail_attach "int jid" .Ft int .Fn jail_remove "int jid" @@ -50,7 +53,74 @@ .Fn jail_set "struct iovec *iov" "u_int niov" "int flags" .Sh DESCRIPTION The +.Fn jail +system call sets up a jail and locks the current process in it. +.Pp +The argument is a pointer to a structure describing the prison: +.Bd -literal -offset indent +struct jail { + uint32_tversion; + char*path; + char*hostname; + char*jailname; + unsigned intip4s; + unsigned intip6s; + struct in_addr *ip4; + struct in6_addr *ip6; +}; +.Ed +.Pp +.Dq Li version +defines the version of the API in use. +.Dv JAIL_API_VERSION +is defined for the current version. +.Pp +The +.Dq Li path +pointer should be set to the directory which is to be the root of the +prison. +.Pp +The +.Dq Li hostname +pointer can be set to the hostname of the prison. +This can be changed +from the inside of the prison. +.Pp +The +.Dq Li jailname +pointer is an optional name that can be assigned to the jail +for example for management purposes. +.Pp +The +.Dq Li ip4s +and +.Dq Li ip6s +give the numbers of IPv4 and IPv6 addresses that will be passed +via their respective pointers. +.Pp +The +.Dq Li ip4 +and +.Dq Li ip6 +pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to +the prison, or NULL if none. +IPv4 addresses must be in network byte order. +.Pp +This is equivalent to, and deprecated in favor of, the .Fn jail_set +system call (see below), with the parameters +.Va path , +.Va host.hostname , +.Va name , +.Va ip4.addr , +and +.Va ip6.addr , +and with the +.Dv JAIL_ATTACH +flag. +.Pp +The +.Fn jail_set system call creates a new jail, or modifies an existing one, and optionally locks the current process in it. Jail parameters are passed as an array of name-value pairs in the array @@ -76,19 +146,13 @@ The current set of available parameters, and their for retrieved via the .Va security.jail.param sysctl MIB entry. -Notable parameters include +Notable parameters include those mentioned in the +.Fn jail +description above, as well as .Va jid and -.Va name -which identify the jail being created or modified, -.Va path -(the root directory of the jail), -.Va host.hostname -(the hostname of the jail), and -.Va ip4.addr -and -.Va ip6.addr -(IP addresses to assign to the jail). +.Va name , +which identify the jail being created or modified. See .Xr jail 8 for more information on the core jail parameters. @@ -173,7 +237,8 @@ It will kill all processes belonging to the jail, and of that jail. .Sh RETURN VALUES If successful, -.Fn jail_set +.Fn jail , +.Fn jail_set , and .Fn jail_get return a non-negative integer, termed the jail identifier (JID). @@ -184,6 +249,25 @@ to indicate the error. .Rv -std jail_attach jail_remove .Sh ERRORS The +.Fn jail +system call +will fail if: +.Bl -tag -width Er +.It Bq Er EPERM +This process is not allowed to create a jail, either because it is not +the super-user, or because it would exceed the jail's +.Va children.max +limit. +.It Bq Er EFAULT +.Fa jail +points to an address outside the allocated address space of the process. +.It Bq Er EINVAL +The version number of the argument is not correct. +.It Bq Er EAGAIN +No free JID could be found. +.El +.Pp +The .Fn jail_set system call will fail if: @@ -287,7 +371,8 @@ does not exist. .El .Pp Further -.Fn jail_set +.Fn jail , +.Fn jail_set , and .Fn jail_attach call @@ -301,7 +386,7 @@ manual
svn commit: r337922 - in head: lib/libc/gen lib/libc/sys share/man/man9 sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/freebsd32 sys/fs/nandfs sys/kern sys/sys sys/ufs/ufs
Author: jamie Date: Thu Aug 16 18:40:16 2018 New Revision: 337922 URL: https://svnweb.freebsd.org/changeset/base/337922 Log: Put jail(2) under COMPAT_FREEBSD11. It has been the "old" way of creating jails since FreeBSD 7. Along with the system call, put the various security.jail.allow_foo and security.jail.foo_allowed sysctls partly under COMPAT_FREEBSD11 (or BURN_BRIDGES). These sysctls had two disparate uses: on the system side, they were global permissions for jails created via jail(2) which lacked fine-grained permission controls; inside a jail, they're read-only descriptions of what the current jail is allowed to do. The first use is obsolete along with jail(2), but keep them for the second-read-only use. Differential Revision:D14791 Modified: head/lib/libc/gen/getvfsbyname.3 head/lib/libc/sys/jail.2 head/share/man/man9/VFS_SET.9 head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c head/sys/compat/freebsd32/freebsd32_misc.c head/sys/compat/freebsd32/freebsd32_proto.h head/sys/compat/freebsd32/freebsd32_syscall.h head/sys/compat/freebsd32/freebsd32_syscalls.c head/sys/compat/freebsd32/freebsd32_sysent.c head/sys/compat/freebsd32/freebsd32_systrace_args.c head/sys/compat/freebsd32/syscalls.master head/sys/fs/nandfs/nandfs_vnops.c head/sys/kern/init_sysent.c head/sys/kern/kern_jail.c head/sys/kern/syscalls.c head/sys/kern/syscalls.master head/sys/kern/systrace_args.c head/sys/sys/jail.h head/sys/sys/syscall.h head/sys/sys/syscall.mk head/sys/sys/syscallsubr.h head/sys/sys/sysproto.h head/sys/ufs/ufs/ufs_vnops.c Modified: head/lib/libc/gen/getvfsbyname.3 == --- head/lib/libc/gen/getvfsbyname.3Thu Aug 16 18:37:47 2018 (r337921) +++ head/lib/libc/gen/getvfsbyname.3Thu Aug 16 18:40:16 2018 (r337922) @@ -28,7 +28,7 @@ .\" @(#)kvm_getvfsbyname.3 8.3 (Berkeley) 5/4/95 .\" $FreeBSD$ .\" -.Dd August 30, 2016 +.Dd August 16, 2018 .Dt GETVFSBYNAME 3 .Os .Sh NAME @@ -83,9 +83,10 @@ aliases some other mounted FS stores file names as Unicode .It Dv VFCF_JAIL can be mounted from within a jail if -.Va security.jail.mount_allowed -sysctl is set to -.Dv 1 +.Va allow.mount +and +.Va allow.mount. +jail parameters are set .It Dv VFCF_DELEGADMIN supports delegated administration if .Va vfs.usermount Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Thu Aug 16 18:37:47 2018(r337921) +++ head/lib/libc/sys/jail.2Thu Aug 16 18:40:16 2018(r337922) @@ -25,11 +25,10 @@ .\" .\" $FreeBSD$ .\" -.Dd February 8, 2012 +.Dd August 16, 2018 .Dt JAIL 2 .Os .Sh NAME -.Nm jail , .Nm jail_get , .Nm jail_set , .Nm jail_remove , @@ -41,8 +40,6 @@ .In sys/param.h .In sys/jail.h .Ft int -.Fn jail "struct jail *jail" -.Ft int .Fn jail_attach "int jid" .Ft int .Fn jail_remove "int jid" @@ -53,74 +50,7 @@ .Fn jail_set "struct iovec *iov" "u_int niov" "int flags" .Sh DESCRIPTION The -.Fn jail -system call sets up a jail and locks the current process in it. -.Pp -The argument is a pointer to a structure describing the prison: -.Bd -literal -offset indent -struct jail { - uint32_tversion; - char*path; - char*hostname; - char*jailname; - unsigned intip4s; - unsigned intip6s; - struct in_addr *ip4; - struct in6_addr *ip6; -}; -.Ed -.Pp -.Dq Li version -defines the version of the API in use. -.Dv JAIL_API_VERSION -is defined for the current version. -.Pp -The -.Dq Li path -pointer should be set to the directory which is to be the root of the -prison. -.Pp -The -.Dq Li hostname -pointer can be set to the hostname of the prison. -This can be changed -from the inside of the prison. -.Pp -The -.Dq Li jailname -pointer is an optional name that can be assigned to the jail -for example for management purposes. -.Pp -The -.Dq Li ip4s -and -.Dq Li ip6s -give the numbers of IPv4 and IPv6 addresses that will be passed -via their respective pointers. -.Pp -The -.Dq Li ip4 -and -.Dq Li ip6 -pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to -the prison, or NULL if none. -IPv4 addresses must be in network byte order. -.Pp -This is equivalent to, and deprecated in favor of, the .Fn jail_set -system call (see below), with the parameters -.Va path , -.Va host.hostname , -.Va name , -.Va ip4.addr , -and -.Va ip6.addr , -and with the -.Dv JAIL_ATTACH -flag. -.Pp -The -.Fn jail_set system call creates a new jail, or modifies an existing one, and optionally locks the current process in it. Jail parameters are passed as an array of name-value pairs in the array @@ -146,13 +76,19 @@ The current set of available parameters, and their for retrieved via the .Va security.jail.param sysctl MIB entry. -Notable
svn commit: r337919 - head/usr.sbin/jail
Author: jamie Date: Thu Aug 16 18:30:49 2018 New Revision: 337919 URL: https://svnweb.freebsd.org/changeset/base/337919 Log: security.jail.enforce_statfs is handled by jail_set(2), so handling it in userspace jail(8) is redundant. Differential Revision:D14791 Modified: head/usr.sbin/jail/config.c head/usr.sbin/jail/jail.c head/usr.sbin/jail/jailp.h Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu Aug 16 18:27:43 2018(r337918) +++ head/usr.sbin/jail/config.c Thu Aug 16 18:30:49 2018(r337919) @@ -106,7 +106,6 @@ static const struct ipspec intparams[] = { [KP_ALLOW_SOCKET_AF] = {"allow.socket_af", 0}, [KP_ALLOW_SYSVIPC] = {"allow.sysvipc", 0}, [KP_DEVFS_RULESET] = {"devfs_ruleset", 0}, -[KP_ENFORCE_STATFS] = {"enforce_statfs", 0}, [KP_HOST_HOSTNAME] = {"host.hostname", 0}, #ifdef INET [KP_IP4_ADDR] ={"ip4.addr",0}, Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Thu Aug 16 18:27:43 2018(r337918) +++ head/usr.sbin/jail/jail.c Thu Aug 16 18:30:49 2018(r337919) @@ -138,7 +138,6 @@ main(int argc, char **argv) unsigned op, pi; int ch, docf, error, i, oldcl, sysval; int dflag, Rflag; - char enforce_statfs[4]; #if defined(INET) || defined(INET6) char *cs, *ncs; #endif @@ -275,14 +274,6 @@ main(int argc, char **argv) (sysval ? 1 : 0) ^ perm_sysctl[pi].rev ? NULL : "false"); - } - sysvallen = sizeof(sysval); - if (sysctlbyname("security.jail.enforce_statfs", - , , NULL, 0) == 0) { - snprintf(enforce_statfs, - sizeof(enforce_statfs), "%d", sysval); - add_param(NULL, NULL, KP_ENFORCE_STATFS, - enforce_statfs); } } } else if (op == JF_STOP) { Modified: head/usr.sbin/jail/jailp.h == --- head/usr.sbin/jail/jailp.h Thu Aug 16 18:27:43 2018(r337918) +++ head/usr.sbin/jail/jailp.h Thu Aug 16 18:30:49 2018(r337919) @@ -120,7 +120,6 @@ enum intparam { KP_ALLOW_SOCKET_AF, KP_ALLOW_SYSVIPC, KP_DEVFS_RULESET, - KP_ENFORCE_STATFS, KP_HOST_HOSTNAME, #ifdef INET KP_IP4_ADDR, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r337879 - stable/11/lib/libjail
Author: jamie Date: Wed Aug 15 22:32:43 2018 New Revision: 337879 URL: https://svnweb.freebsd.org/changeset/base/337879 Log: Load filesystem modules associated with allow.mount permissions. PR: 192092 Modified: stable/11/lib/libjail/jail.c Modified: stable/11/lib/libjail/jail.c == --- stable/11/lib/libjail/jail.cWed Aug 15 22:25:05 2018 (r337878) +++ stable/11/lib/libjail/jail.cWed Aug 15 22:32:43 2018 (r337879) @@ -513,7 +513,18 @@ jailparam_set(struct jailparam *jp, unsigned njp, int } jiov[i - 1].iov_base = nname; jiov[i - 1].iov_len = strlen(nname) + 1; - + } + /* +* Load filesystem modules associated with allow.mount +* permissions. Ignore failure, since the module may +* be static, and even a failure to load is not a jail +* error. +*/ + if (strncmp(jp[j].jp_name, "allow.mount.", 12) == 0) { + if (kldload(jp[j].jp_name + 12) < 0 && + errno == ENOENT && + strncmp(jp[j].jp_name + 12, "no", 2) == 0) + (void)kldload(jp[j].jp_name + 14); } } else { /* ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r337880 - stable/10/lib/libjail
Author: jamie Date: Wed Aug 15 22:32:55 2018 New Revision: 337880 URL: https://svnweb.freebsd.org/changeset/base/337880 Log: Load filesystem modules associated with allow.mount permissions. PR: 192092 Modified: stable/10/lib/libjail/jail.c Modified: stable/10/lib/libjail/jail.c == --- stable/10/lib/libjail/jail.cWed Aug 15 22:32:43 2018 (r337879) +++ stable/10/lib/libjail/jail.cWed Aug 15 22:32:55 2018 (r337880) @@ -513,7 +513,18 @@ jailparam_set(struct jailparam *jp, unsigned njp, int } jiov[i - 1].iov_base = nname; jiov[i - 1].iov_len = strlen(nname) + 1; - + } + /* +* Load filesystem modules associated with allow.mount +* permissions. Ignore failure, since the module may +* be static, and even a failure to load is not a jail +* error. +*/ + if (strncmp(jp[j].jp_name, "allow.mount.", 12) == 0) { + if (kldload(jp[j].jp_name + 12) < 0 && + errno == ENOENT && + strncmp(jp[j].jp_name + 12, "no", 2) == 0) + (void)kldload(jp[j].jp_name + 14); } } else { /* ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r337876 - stable/10/lib/libjail
Author: jamie Date: Wed Aug 15 21:38:44 2018 New Revision: 337876 URL: https://svnweb.freebsd.org/changeset/base/337876 Log: MFC r331332: If a jail parameter isn't found, try loading a related kernel module. PR: 192092 Modified: stable/10/lib/libjail/jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libjail/jail.c == --- stable/10/lib/libjail/jail.cWed Aug 15 21:38:10 2018 (r337875) +++ stable/10/lib/libjail/jail.cWed Aug 15 21:38:44 2018 (r337876) @@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -57,6 +58,7 @@ __FBSDID("$FreeBSD$"); static int jailparam_import_enum(const char **values, int nvalues, const char *valstr, size_t valsize, int *value); static int jailparam_type(struct jailparam *jp); +static int kldload_param(const char *name); static char *noname(const char *name); static char *nononame(const char *name); @@ -885,6 +887,9 @@ jailparam_type(struct jailparam *jp) "sysctl(0.3.%s): %s", name, strerror(errno)); return (-1); } + if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, , + desc.s, strlen(desc.s)) >= 0) + goto mib_desc; /* * The parameter probably doesn't exist. But it might be * the "no" counterpart to a boolean. @@ -1021,6 +1026,33 @@ jailparam_type(struct jailparam *jp) jp->jp_valuelen = 0; } return (0); +} + +/* + * Attempt to load a kernel module matching an otherwise nonexistent parameter. + */ +static int +kldload_param(const char *name) +{ + int kl; + + if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0) + kl = kldload("linux"); + else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 || + strcmp(name, "sysvshm") == 0) + kl = kldload(name); + else { + errno = ENOENT; + return (-1); + } + if (kl < 0 && errno == EEXIST) { + /* +* In the module is already loaded, then it must not contain +* the parameter. +*/ + errno = ENOENT; + } + return kl; } /* ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r337875 - stable/11/lib/libjail
Author: jamie Date: Wed Aug 15 21:38:10 2018 New Revision: 337875 URL: https://svnweb.freebsd.org/changeset/base/337875 Log: MFC r331332: If a jail parameter isn't found, try loading a related kernel module. PR: 192092 Modified: stable/11/lib/libjail/jail.c Directory Properties: stable/11/ (props changed) Modified: stable/11/lib/libjail/jail.c == --- stable/11/lib/libjail/jail.cWed Aug 15 21:38:06 2018 (r337874) +++ stable/11/lib/libjail/jail.cWed Aug 15 21:38:10 2018 (r337875) @@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -57,6 +58,7 @@ __FBSDID("$FreeBSD$"); static int jailparam_import_enum(const char **values, int nvalues, const char *valstr, size_t valsize, int *value); static int jailparam_type(struct jailparam *jp); +static int kldload_param(const char *name); static char *noname(const char *name); static char *nononame(const char *name); @@ -885,6 +887,9 @@ jailparam_type(struct jailparam *jp) "sysctl(0.3.%s): %s", name, strerror(errno)); return (-1); } + if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, , + desc.s, strlen(desc.s)) >= 0) + goto mib_desc; /* * The parameter probably doesn't exist. But it might be * the "no" counterpart to a boolean. @@ -1021,6 +1026,33 @@ jailparam_type(struct jailparam *jp) jp->jp_valuelen = 0; } return (0); +} + +/* + * Attempt to load a kernel module matching an otherwise nonexistent parameter. + */ +static int +kldload_param(const char *name) +{ + int kl; + + if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0) + kl = kldload("linux"); + else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 || + strcmp(name, "sysvshm") == 0) + kl = kldload(name); + else { + errno = ENOENT; + return (-1); + } + if (kl < 0 && errno == EEXIST) { + /* +* In the module is already loaded, then it must not contain +* the parameter. +*/ + errno = ENOENT; + } + return kl; } /* ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r337867 - head/usr.sbin/jail
Author: jamie Date: Wed Aug 15 20:23:17 2018 New Revision: 337867 URL: https://svnweb.freebsd.org/changeset/base/337867 Log: Don't let clobber jailparam values when checking for modification of init-only parameters. Compare string parameter values with strncmp, not memcmp. PR: 230487 Reported by: Jason Mader MFC after:3 days Modified: head/usr.sbin/jail/jail.c Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Wed Aug 15 20:23:08 2018(r337866) +++ head/usr.sbin/jail/jail.c Wed Aug 15 20:23:17 2018(r337867) @@ -803,8 +803,10 @@ rdtun_params(struct cfjail *j, int dofail) exit(1); } for (jp = j->jp; jp < j->jp + j->njp; jp++) - if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) + if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) { *++rtjp = *jp; + rtjp->jp_value = NULL; + } rval = 0; if (jailparam_get(rtparams, nrt, bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) { @@ -815,8 +817,11 @@ rdtun_params(struct cfjail *j, int dofail) jp->jp_valuelen == 0 && *(int *)jp->jp_value) && !(rtjp->jp_valuelen == jp->jp_valuelen && - !memcmp(rtjp->jp_value, jp->jp_value, - jp->jp_valuelen))) { + !((jp->jp_ctltype & CTLTYPE) == + CTLTYPE_STRING ? strncmp(rtjp->jp_value, + jp->jp_value, jp->jp_valuelen) : + memcmp(rtjp->jp_value, jp->jp_value, + jp->jp_valuelen { if (dofail) { jail_warnx(j, "%s cannot be " "changed after creation", ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r336040 - in stable/11: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat
Author: jamie Date: Fri Jul 6 19:10:11 2018 New Revision: 336040 URL: https://svnweb.freebsd.org/changeset/base/336040 Log: MFC r335921: Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8), sockstat(1), ugidfw(8) These are the last of the jail-aware userland utilities that didn't work with names. PR: 229266 Differential Revision:D16047 Modified: stable/11/lib/libugidfw/ugidfw.c stable/11/sbin/ipfw/Makefile stable/11/sbin/ipfw/ipfw.8 stable/11/sbin/ipfw/ipfw2.c stable/11/usr.bin/cpuset/Makefile stable/11/usr.bin/cpuset/cpuset.1 stable/11/usr.bin/cpuset/cpuset.c stable/11/usr.bin/sockstat/Makefile stable/11/usr.bin/sockstat/sockstat.1 stable/11/usr.bin/sockstat/sockstat.c Directory Properties: stable/11/ (props changed) Modified: stable/11/lib/libugidfw/ugidfw.c == --- stable/11/lib/libugidfw/ugidfw.cFri Jul 6 19:10:07 2018 (r336039) +++ stable/11/lib/libugidfw/ugidfw.cFri Jul 6 19:10:11 2018 (r336040) @@ -32,9 +32,11 @@ */ #include #include +#include #include #include #include +#include #include #include @@ -598,16 +600,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max } static int +bsde_get_jailid(const char *name, size_t buflen, char *errstr) +{ + char *ep; + int jid; + struct iovec jiov[4]; + + /* Copy jail_getid(3) instead of messing with library dependancies */ + jid = strtoul(name, , 10); + if (*name && !*ep) + return jid; + jiov[0].iov_base = __DECONST(char *, "name"); + jiov[0].iov_len = sizeof("name"); + jiov[1].iov_len = strlen(name) + 1; + jiov[1].iov_base = alloca(jiov[1].iov_len); + strcpy(jiov[1].iov_base, name); + if (errstr && buflen) { + jiov[2].iov_base = __DECONST(char *, "errmsg"); + jiov[2].iov_len = sizeof("errmsg"); + jiov[3].iov_base = errstr; + jiov[3].iov_len = buflen; + errstr[0] = 0; + jid = jail_get(jiov, 4, 0); + if (jid < 0 && !errstr[0]) + snprintf(errstr, buflen, "jail_get: %s", + strerror(errno)); + } else + jid = jail_get(jiov, 2, 0); + return jid; +} + +static int bsde_parse_subject(int argc, char *argv[], struct mac_bsdextended_subject *subject, size_t buflen, char *errstr) { int not_seen, flags; int current, neg, nextnot; - char *endp; uid_t uid_min, uid_max; gid_t gid_min, gid_max; int jid = 0; - long value; current = 0; flags = 0; @@ -666,13 +697,9 @@ bsde_parse_subject(int argc, char *argv[], snprintf(errstr, buflen, "one jail only"); return (-1); } - value = strtol(argv[current+1], , 10); - if (*endp != '\0') { - snprintf(errstr, buflen, "invalid jid: '%s'", - argv[current+1]); + jid = bsde_get_jailid(argv[current+1], buflen, errstr); + if (jid < 0) return (-1); - } - jid = value; flags |= MBS_PRISON_DEFINED; if (nextnot) { neg ^= MBS_PRISON_DEFINED; Modified: stable/11/sbin/ipfw/Makefile == --- stable/11/sbin/ipfw/MakefileFri Jul 6 19:10:07 2018 (r336039) +++ stable/11/sbin/ipfw/MakefileFri Jul 6 19:10:11 2018 (r336040) @@ -13,7 +13,7 @@ SRCS+=altq.c CFLAGS+=-DPF .endif -LIBADD=util +LIBADD=jail util MAN= ipfw.8 .include Modified: stable/11/sbin/ipfw/ipfw.8 == --- stable/11/sbin/ipfw/ipfw.8 Fri Jul 6 19:10:07 2018(r336039) +++ stable/11/sbin/ipfw/ipfw.8 Fri Jul 6 19:10:11 2018(r336040) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd June 28, 2018 +.Dd July 3, 2018 .Dt IPFW 8 .Os .Sh NAME @@ -1535,10 +1535,10 @@ Matches all TCP or UDP packets sent by or received for A .Ar group may be specified by name or number. -.It Cm jail Ar prisonID +.It Cm jail Ar jail Matches all TCP or UDP packets sent by or received for the -jail whos prison ID is -.Ar prisonID . +jail whose ID or name is +.Ar jail . .It Cm icmptypes Ar types Matches ICMP packets whose ICMP type is in the list .Ar types . Modified: stable/11/sbin/ipfw/ipfw2.c == --- stable/11/sbin/ipfw/ipfw2.c Fri Jul 6 19:10:07 2018(r336039) +++
svn commit: r336039 - in stable/10: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat
Author: jamie Date: Fri Jul 6 19:10:07 2018 New Revision: 336039 URL: https://svnweb.freebsd.org/changeset/base/336039 Log: MFC r335921: Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8), sockstat(1), ugidfw(8) These are the last of the jail-aware userland utilities that didn't work with names. PR: 229266 Differential Revision:D16047 Modified: stable/10/lib/libugidfw/ugidfw.c stable/10/sbin/ipfw/Makefile stable/10/sbin/ipfw/ipfw.8 stable/10/sbin/ipfw/ipfw2.c stable/10/usr.bin/cpuset/Makefile stable/10/usr.bin/cpuset/cpuset.1 stable/10/usr.bin/cpuset/cpuset.c stable/10/usr.bin/sockstat/Makefile stable/10/usr.bin/sockstat/sockstat.1 stable/10/usr.bin/sockstat/sockstat.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libugidfw/ugidfw.c == --- stable/10/lib/libugidfw/ugidfw.cFri Jul 6 18:50:22 2018 (r336038) +++ stable/10/lib/libugidfw/ugidfw.cFri Jul 6 19:10:07 2018 (r336039) @@ -32,9 +32,11 @@ */ #include #include +#include #include #include #include +#include #include #include @@ -599,16 +601,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max } int +bsde_get_jailid(const char *name, size_t buflen, char *errstr) +{ + char *ep; + int jid; + struct iovec jiov[4]; + + /* Copy jail_getid(3) instead of messing with library dependancies */ + jid = strtoul(name, , 10); + if (*name && !*ep) + return jid; + jiov[0].iov_base = __DECONST(char *, "name"); + jiov[0].iov_len = sizeof("name"); + jiov[1].iov_len = strlen(name) + 1; + jiov[1].iov_base = alloca(jiov[1].iov_len); + strcpy(jiov[1].iov_base, name); + if (errstr && buflen) { + jiov[2].iov_base = __DECONST(char *, "errmsg"); + jiov[2].iov_len = sizeof("errmsg"); + jiov[3].iov_base = errstr; + jiov[3].iov_len = buflen; + errstr[0] = 0; + jid = jail_get(jiov, 4, 0); + if (jid < 0 && !errstr[0]) + snprintf(errstr, buflen, "jail_get: %s", + strerror(errno)); + } else + jid = jail_get(jiov, 2, 0); + return jid; +} + +static int bsde_parse_subject(int argc, char *argv[], struct mac_bsdextended_subject *subject, size_t buflen, char *errstr) { int not_seen, flags; int current, neg, nextnot; - char *endp; uid_t uid_min, uid_max; gid_t gid_min, gid_max; int jid; - long value; current = 0; flags = 0; @@ -667,13 +698,9 @@ bsde_parse_subject(int argc, char *argv[], snprintf(errstr, buflen, "one jail only"); return (-1); } - value = strtol(argv[current+1], , 10); - if (*endp != '\0') { - snprintf(errstr, buflen, "invalid jid: '%s'", - argv[current+1]); + jid = bsde_get_jailid(argv[current+1], buflen, errstr); + if (jid < 0) return (-1); - } - jid = value; flags |= MBS_PRISON_DEFINED; if (nextnot) { neg ^= MBS_PRISON_DEFINED; Modified: stable/10/sbin/ipfw/Makefile == --- stable/10/sbin/ipfw/MakefileFri Jul 6 18:50:22 2018 (r336038) +++ stable/10/sbin/ipfw/MakefileFri Jul 6 19:10:07 2018 (r336039) @@ -11,8 +11,8 @@ SRCS+=altq.c CFLAGS+=-DPF .endif -DPADD= ${LIBUTIL} -LDADD= -lutil +DPADD= ${LIBJAIL} ${LIBUTIL} +LDADD= -ljail -lutil MAN= ipfw.8 .include Modified: stable/10/sbin/ipfw/ipfw.8 == --- stable/10/sbin/ipfw/ipfw.8 Fri Jul 6 18:50:22 2018(r336038) +++ stable/10/sbin/ipfw/ipfw.8 Fri Jul 6 19:10:07 2018(r336039) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 12, 2018 +.Dd July 3, 2018 .Dt IPFW 8 .Os .Sh NAME @@ -1377,10 +1377,10 @@ Matches all TCP or UDP packets sent by or received for A .Ar group may be specified by name or number. -.It Cm jail Ar prisonID +.It Cm jail Ar jail Matches all TCP or UDP packets sent by or received for the -jail whos prison ID is -.Ar prisonID . +jail whose ID or name is +.Ar jail . .It Cm icmptypes Ar types Matches ICMP packets whose ICMP type is in the list .Ar types . Modified: stable/10/sbin/ipfw/ipfw2.c == --- stable/10/sbin/ipfw/ipfw2.c Fri Jul 6
svn commit: r336038 - in head/sys: kern sys
Author: jamie Date: Fri Jul 6 18:50:22 2018 New Revision: 336038 URL: https://svnweb.freebsd.org/changeset/base/336038 Log: Change prison_add_vfs() to the more generic prison_add_allow(), which can add any dynamic allow.* or allow.*.* parameter. Also keep prison_add_vfs() as a wrapper. Differential Revision:D16146 Modified: head/sys/kern/kern_jail.c head/sys/sys/jail.h Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Fri Jul 6 17:39:48 2018(r336037) +++ head/sys/kern/kern_jail.c Fri Jul 6 18:50:22 2018(r336038) @@ -3760,37 +3760,43 @@ SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLA "B", "Jail may mount/unmount jail-friendly file systems in general"); /* - * The VFS system will register jail-aware filesystems here. They each get - * a parameter allow.mount.xxxfs and a flag to check when a jailed user - * attempts to mount. + * Add a dynamic parameter allow., or allow... Return + * its associated bit in the pr_allow bitmask, or zero if the parameter was + * not created. */ -void -prison_add_vfs(struct vfsconf *vfsp) +unsigned +prison_add_allow(const char *prefix, const char *name, const char *prefix_descr, +const char *descr) { - char *allow_name, *allow_noname, *mount_allowed; struct bool_flags *bf; + struct sysctl_oid *parent; + char *allow_name, *allow_noname, *allowed; #ifndef NO_SYSCTL_DESCR - char *descr; + char *descr_deprecated; #endif unsigned allow_flag; - if (asprintf(_name, M_PRISON, "allow.mount.%s", vfsp->vfc_name) < - 0 || asprintf(_noname, M_PRISON, "allow.mount.no%s", - vfsp->vfc_name) < 0) { + if (prefix + ? asprintf(_name, M_PRISON, "allow.%s.%s", prefix, name) + < 0 || + asprintf(_noname, M_PRISON, "allow.%s.no%s", prefix, name) + < 0 + : asprintf(_name, M_PRISON, "allow.%s", name) < 0 || + asprintf(_noname, M_PRISON, "allow.no%s", name) < 0) { free(allow_name, M_PRISON); - return; + return 0; } /* -* See if this parameter has already beed added, i.e. if the filesystem -* was previously loaded/unloaded. +* See if this parameter has already beed added, i.e. a module was +* previously loaded/unloaded. */ mtx_lock(_mtx); for (bf = pr_flag_allow; bf < pr_flag_allow + nitems(pr_flag_allow) && bf->flag != 0; bf++) { if (strcmp(bf->name, allow_name) == 0) { - vfsp->vfc_prison_flag = bf->flag; + allow_flag = bf->flag; goto no_add; } } @@ -3798,7 +3804,7 @@ prison_add_vfs(struct vfsconf *vfsp) /* * Find a free bit in prison0's pr_allow, failing if there are none * (which shouldn't happen as long as we keep track of how many -* filesystems are jail-aware). +* potential dynamic flags exist). */ for (allow_flag = 1;; allow_flag <<= 1) { if (allow_flag == 0) @@ -3815,52 +3821,73 @@ prison_add_vfs(struct vfsconf *vfsp) for (bf = pr_flag_allow; bf->flag != 0; bf++) if (bf == pr_flag_allow + nitems(pr_flag_allow)) { /* This should never happen, but is not fatal. */ + allow_flag = 0; goto no_add; } prison0.pr_allow |= allow_flag; bf->name = allow_name; bf->noname = allow_noname; bf->flag = allow_flag; - vfsp->vfc_prison_flag = allow_flag; mtx_unlock(_mtx); /* * Create sysctls for the paramter, and the back-compat global * permission. */ -#ifndef NO_SYSCTL_DESCR - (void)asprintf(, M_TEMP, "Jail may mount the %s file system", - vfsp->vfc_name); -#endif - (void)SYSCTL_ADD_PROC(NULL, - SYSCTL_CHILDREN(___security_jail_param_allow_mount), - OID_AUTO, vfsp->vfc_name, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + parent = prefix + ? SYSCTL_ADD_NODE(NULL, + SYSCTL_CHILDREN(___security_jail_param_allow), + OID_AUTO, prefix, 0, 0, prefix_descr) + : ___security_jail_param_allow; + (void)SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(parent), OID_AUTO, + name, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, 0, sysctl_jail_param, "B", descr); + if ((prefix +? asprintf(, M_TEMP, "%s_%s_allowed", prefix, name) +: asprintf(, M_TEMP, "%s_allowed", name)) >= 0) { #ifndef NO_SYSCTL_DESCR - free(descr, M_TEMP); + (void)asprintf(_deprecated, M_TEMP, "%s (deprecated)", + descr); #endif - if
svn commit: r336035 - head/usr.bin/cpuset
Author: jamie Date: Fri Jul 6 16:23:30 2018 New Revision: 336035 URL: https://svnweb.freebsd.org/changeset/base/336035 Log: Missed a bit of doc change from r335921. PR: 229266 Modified: head/usr.bin/cpuset/cpuset.1 Modified: head/usr.bin/cpuset/cpuset.1 == --- head/usr.bin/cpuset/cpuset.1Fri Jul 6 16:22:26 2018 (r336034) +++ head/usr.bin/cpuset/cpuset.1Fri Jul 6 16:23:30 2018 (r336035) @@ -52,7 +52,7 @@ .Op Fl c .Op Fl l Ar cpu-list .Op Fl n Ar policy:domain-list -.Op Fl j Ar jailid | Fl p Ar pid | Fl t Ar tid | Fl s Ar setid | Fl x Ar irq +.Op Fl j Ar jail | Fl p Ar pid | Fl t Ar tid | Fl s Ar setid | Fl x Ar irq .Nm .Fl g .Op Fl cir ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r335921 - in head: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat
Author: jamie Date: Tue Jul 3 23:47:20 2018 New Revision: 335921 URL: https://svnweb.freebsd.org/changeset/base/335921 Log: Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8), sockstat(1), ugidfw(8) These are the last of the jail-aware userland utilities that didn't work with names. PR: 229266 MFC after:3 days Differential Revision:D16047 Modified: head/lib/libugidfw/ugidfw.c head/sbin/ipfw/Makefile head/sbin/ipfw/ipfw.8 head/sbin/ipfw/ipfw2.c head/usr.bin/cpuset/Makefile head/usr.bin/cpuset/cpuset.1 head/usr.bin/cpuset/cpuset.c head/usr.bin/sockstat/Makefile head/usr.bin/sockstat/sockstat.1 head/usr.bin/sockstat/sockstat.c Modified: head/lib/libugidfw/ugidfw.c == --- head/lib/libugidfw/ugidfw.c Tue Jul 3 23:45:02 2018(r335920) +++ head/lib/libugidfw/ugidfw.c Tue Jul 3 23:47:20 2018(r335921) @@ -34,9 +34,11 @@ */ #include #include +#include #include #include #include +#include #include #include @@ -600,16 +602,45 @@ bsde_parse_gidrange(char *spec, gid_t *min, gid_t *max } static int +bsde_get_jailid(const char *name, size_t buflen, char *errstr) +{ + char *ep; + int jid; + struct iovec jiov[4]; + + /* Copy jail_getid(3) instead of messing with library dependancies */ + jid = strtoul(name, , 10); + if (*name && !*ep) + return jid; + jiov[0].iov_base = __DECONST(char *, "name"); + jiov[0].iov_len = sizeof("name"); + jiov[1].iov_len = strlen(name) + 1; + jiov[1].iov_base = alloca(jiov[1].iov_len); + strcpy(jiov[1].iov_base, name); + if (errstr && buflen) { + jiov[2].iov_base = __DECONST(char *, "errmsg"); + jiov[2].iov_len = sizeof("errmsg"); + jiov[3].iov_base = errstr; + jiov[3].iov_len = buflen; + errstr[0] = 0; + jid = jail_get(jiov, 4, 0); + if (jid < 0 && !errstr[0]) + snprintf(errstr, buflen, "jail_get: %s", + strerror(errno)); + } else + jid = jail_get(jiov, 2, 0); + return jid; +} + +static int bsde_parse_subject(int argc, char *argv[], struct mac_bsdextended_subject *subject, size_t buflen, char *errstr) { int not_seen, flags; int current, neg, nextnot; - char *endp; uid_t uid_min, uid_max; gid_t gid_min, gid_max; int jid = 0; - long value; current = 0; flags = 0; @@ -668,13 +699,9 @@ bsde_parse_subject(int argc, char *argv[], snprintf(errstr, buflen, "one jail only"); return (-1); } - value = strtol(argv[current+1], , 10); - if (*endp != '\0') { - snprintf(errstr, buflen, "invalid jid: '%s'", - argv[current+1]); + jid = bsde_get_jailid(argv[current+1], buflen, errstr); + if (jid < 0) return (-1); - } - jid = value; flags |= MBS_PRISON_DEFINED; if (nextnot) { neg ^= MBS_PRISON_DEFINED; Modified: head/sbin/ipfw/Makefile == --- head/sbin/ipfw/Makefile Tue Jul 3 23:45:02 2018(r335920) +++ head/sbin/ipfw/Makefile Tue Jul 3 23:47:20 2018(r335921) @@ -13,7 +13,7 @@ SRCS+=altq.c CFLAGS+=-DPF .endif -LIBADD=util +LIBADD=jail util MAN= ipfw.8 .include Modified: head/sbin/ipfw/ipfw.8 == --- head/sbin/ipfw/ipfw.8 Tue Jul 3 23:45:02 2018(r335920) +++ head/sbin/ipfw/ipfw.8 Tue Jul 3 23:47:20 2018(r335921) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd June 28, 2018 +.Dd July 3, 2018 .Dt IPFW 8 .Os .Sh NAME @@ -1535,10 +1535,10 @@ Matches all TCP or UDP packets sent by or received for A .Ar group may be specified by name or number. -.It Cm jail Ar prisonID +.It Cm jail Ar jail Matches all TCP or UDP packets sent by or received for the -jail whos prison ID is -.Ar prisonID . +jail whose ID or name is +.Ar jail . .It Cm icmptypes Ar types Matches ICMP packets whose ICMP type is in the list .Ar types . Modified: head/sbin/ipfw/ipfw2.c == --- head/sbin/ipfw/ipfw2.c Tue Jul 3 23:45:02 2018(r335920) +++ head/sbin/ipfw/ipfw2.c Tue Jul 3 23:47:20 2018(r335921) @@ -32,6 +32,7 @@ #include #include #include +#include #include #include
svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/pse...
Author: jamie Date: Fri May 4 20:54:27 2018 New Revision: 333263 URL: https://svnweb.freebsd.org/changeset/base/333263 Log: Make it easier for filesystems to count themselves as jail-enabled, by doing most of the work in a new function prison_add_vfs in kern_jail.c Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and the rest is taken care of. This includes adding a jail parameter like allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed. Both of these used to be a static list of known filesystems, with predefined permission bits. Reviewed by: kib Differential Revision:D14681 Modified: head/lib/libjail/jail.c head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c head/sys/compat/linprocfs/linprocfs.c head/sys/compat/linsysfs/linsysfs.c head/sys/fs/devfs/devfs_vfsops.c head/sys/fs/fdescfs/fdesc_vfsops.c head/sys/fs/nullfs/null_vfsops.c head/sys/fs/procfs/procfs.c head/sys/fs/pseudofs/pseudofs.h head/sys/fs/tmpfs/tmpfs_vfsops.c head/sys/kern/kern_jail.c head/sys/kern/vfs_init.c head/sys/kern/vfs_mount.c head/sys/kern/vfs_subr.c head/sys/sys/jail.h head/sys/sys/mount.h head/usr.sbin/jail/jail.8 Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Fri May 4 20:38:26 2018(r333262) +++ head/lib/libjail/jail.c Fri May 4 20:54:27 2018(r333263) @@ -1048,7 +1048,13 @@ kldload_param(const char *name) else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 || strcmp(name, "sysvshm") == 0) kl = kldload(name); - else { + else if (strncmp(name, "allow.mount.", 12) == 0) { + /* Load the matching filesystem */ + kl = kldload(name + 12); + if (kl < 0 && errno == ENOENT && + strncmp(name + 12, "no", 2) == 0) + kl = kldload(name + 14); + } else { errno = ENOENT; return (-1); } Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.cFri May 4 20:38:26 2018(r333262) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vfsops.cFri May 4 20:54:27 2018(r333263) @@ -1640,9 +1640,6 @@ zfs_mount(vfs_t *vfsp) osname = spn.pn_path; #else /* !illumos */ - if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_ZFS)) - return (SET_ERROR(EPERM)); - if (vfs_getopt(vfsp->mnt_optnew, "from", (void **), NULL)) return (SET_ERROR(EINVAL)); Modified: head/sys/compat/linprocfs/linprocfs.c == --- head/sys/compat/linprocfs/linprocfs.c Fri May 4 20:38:26 2018 (r333262) +++ head/sys/compat/linprocfs/linprocfs.c Fri May 4 20:54:27 2018 (r333263) @@ -1652,7 +1652,7 @@ linprocfs_uninit(PFS_INIT_ARGS) return (0); } -PSEUDOFS(linprocfs, 1, PR_ALLOW_MOUNT_LINPROCFS); +PSEUDOFS(linprocfs, 1, VFCF_JAIL); #if defined(__amd64__) MODULE_DEPEND(linprocfs, linux_common, 1, 1, 1); #else Modified: head/sys/compat/linsysfs/linsysfs.c == --- head/sys/compat/linsysfs/linsysfs.c Fri May 4 20:38:26 2018 (r333262) +++ head/sys/compat/linsysfs/linsysfs.c Fri May 4 20:54:27 2018 (r333263) @@ -556,7 +556,7 @@ linsysfs_uninit(PFS_INIT_ARGS) return (0); } -PSEUDOFS(linsysfs, 1, PR_ALLOW_MOUNT_LINSYSFS); +PSEUDOFS(linsysfs, 1, VFCF_JAIL); #if defined(__amd64__) MODULE_DEPEND(linsysfs, linux_common, 1, 1, 1); #else Modified: head/sys/fs/devfs/devfs_vfsops.c == --- head/sys/fs/devfs/devfs_vfsops.cFri May 4 20:38:26 2018 (r333262) +++ head/sys/fs/devfs/devfs_vfsops.cFri May 4 20:54:27 2018 (r333263) @@ -83,9 +83,6 @@ devfs_mount(struct mount *mp) if (mp->mnt_flag & MNT_ROOTFS) return (EOPNOTSUPP); - if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_DEVFS)) - return (EPERM); - rsnum = 0; injail = jailed(td->td_ucred); Modified: head/sys/fs/fdescfs/fdesc_vfsops.c == --- head/sys/fs/fdescfs/fdesc_vfsops.c Fri May 4 20:38:26 2018 (r333262) +++ head/sys/fs/fdescfs/fdesc_vfsops.c Fri May 4 20:54:27 2018 (r333263) @@ -81,12 +81,8 @@ static int fdesc_mount(struct mount *mp) { struct fdescmount *fmp; - struct thread *td = curthread; struct vnode *rvp; int error; - - if (!prison_allow(td->td_ucred,
svn commit: r331332 - head/lib/libjail
Author: jamie Date: Wed Mar 21 23:50:46 2018 New Revision: 331332 URL: https://svnweb.freebsd.org/changeset/base/331332 Log: If a jail parameter isn't found, try loading a related kernel module. Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Wed Mar 21 23:46:26 2018(r331331) +++ head/lib/libjail/jail.c Wed Mar 21 23:50:46 2018(r331332) @@ -32,6 +32,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -59,6 +60,7 @@ __FBSDID("$FreeBSD$"); static int jailparam_import_enum(const char **values, int nvalues, const char *valstr, size_t valsize, int *value); static int jailparam_type(struct jailparam *jp); +static int kldload_param(const char *name); static char *noname(const char *name); static char *nononame(const char *name); @@ -892,6 +894,9 @@ jailparam_type(struct jailparam *jp) "sysctl(0.3.%s): %s", name, strerror(errno)); return (-1); } + if (kldload_param(name) >= 0 && sysctl(mib, 2, mib + 2, , + desc.s, strlen(desc.s)) >= 0) + goto mib_desc; /* * The parameter probably doesn't exist. But it might be * the "no" counterpart to a boolean. @@ -1028,6 +1033,33 @@ jailparam_type(struct jailparam *jp) jp->jp_valuelen = 0; } return (0); +} + +/* + * Attempt to load a kernel module matching an otherwise nonexistent parameter. + */ +static int +kldload_param(const char *name) +{ + int kl; + + if (strcmp(name, "linux") == 0 || strncmp(name, "linux.", 6) == 0) + kl = kldload("linux"); + else if (strcmp(name, "sysvmsg") == 0 || strcmp(name, "sysvsem") == 0 || + strcmp(name, "sysvshm") == 0) + kl = kldload(name); + else { + errno = ENOENT; + return (-1); + } + if (kl < 0 && errno == EEXIST) { + /* +* In the module is already loaded, then it must not contain +* the parameter. +*/ + errno = ENOENT; + } + return kl; } /* ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r331278 - head/sys/kern
Author: jamie Date: Tue Mar 20 23:08:42 2018 New Revision: 331278 URL: https://svnweb.freebsd.org/changeset/base/331278 Log: Represent boolean jail options as an array of structures containing the flag and both the regular and "no" names, instead of two different string arrays whose indices need to match the flag's bit position. This makes them similar to the say "jailsys" options are represented. Loop through either kind of option array with a structure pointer rather then an integer index. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Tue Mar 20 23:08:04 2018(r331277) +++ head/sys/kern/kern_jail.c Tue Mar 20 23:08:42 2018(r331278) @@ -115,6 +115,17 @@ struct prison prison0 = { }; MTX_SYSINIT(prison0, _mtx, "jail mutex", MTX_DEF); +struct bool_flags { + const char *name; + const char *noname; + unsigned flag; +}; +struct jailsys_flags { + const char *name; + unsigned disable; + unsigned new; +}; + /* allprison, allprison_racct and lastprid are protected by allprison_lock. */ struct sx allprison_lock; SX_SYSINIT(allprison_lock, _lock, "allprison"); @@ -145,86 +156,55 @@ static void prison_racct_detach(struct prison *pr); * as we cannot figure out the size of a sparse array, or an array without a * terminating entry. */ -static char *pr_flag_names[] = { - [0] = "persist", +static struct bool_flags pr_flag_bool[] = { + {"persist", "nopersist", PR_PERSIST}, #ifdef INET - [7] = "ip4.saddrsel", + {"ip4.saddrsel", "ip4.nosaddrsel", PR_IP4_SADDRSEL}, #endif #ifdef INET6 - [8] = "ip6.saddrsel", + {"ip6.saddrsel", "ip6.nosaddrsel", PR_IP6_SADDRSEL}, #endif }; -const size_t pr_flag_names_size = sizeof(pr_flag_names); +const size_t pr_flag_bool_size = sizeof(pr_flag_bool); -static char *pr_flag_nonames[] = { - [0] = "nopersist", -#ifdef INET - [7] = "ip4.nosaddrsel", -#endif -#ifdef INET6 - [8] = "ip6.nosaddrsel", -#endif -}; -const size_t pr_flag_nonames_size = sizeof(pr_flag_nonames); - -struct jailsys_flags { - const char *name; - unsigned disable; - unsigned new; -} pr_flag_jailsys[] = { - { "host", 0, PR_HOST }, +static struct jailsys_flags pr_flag_jailsys[] = { + {"host", 0, PR_HOST}, #ifdef VIMAGE - { "vnet", 0, PR_VNET }, + {"vnet", 0, PR_VNET}, #endif #ifdef INET - { "ip4", PR_IP4_USER, PR_IP4_USER }, + {"ip4", PR_IP4_USER, PR_IP4_USER}, #endif #ifdef INET6 - { "ip6", PR_IP6_USER, PR_IP6_USER }, + {"ip6", PR_IP6_USER, PR_IP6_USER}, #endif }; const size_t pr_flag_jailsys_size = sizeof(pr_flag_jailsys); -static char *pr_allow_names[] = { - "allow.set_hostname", - "allow.sysvipc", - "allow.raw_sockets", - "allow.chflags", - "allow.mount", - "allow.quotas", - "allow.socket_af", - "allow.mount.devfs", - "allow.mount.nullfs", - "allow.mount.zfs", - "allow.mount.procfs", - "allow.mount.tmpfs", - "allow.mount.fdescfs", - "allow.mount.linprocfs", - "allow.mount.linsysfs", - "allow.reserved_ports", +static struct bool_flags pr_flag_allow[] = { + {"allow.set_hostname", "allow.noset_hostname", PR_ALLOW_SET_HOSTNAME}, + {"allow.sysvipc", "allow.nosysvipc", PR_ALLOW_SYSVIPC}, + {"allow.raw_sockets", "allow.noraw_sockets", PR_ALLOW_RAW_SOCKETS}, + {"allow.chflags", "allow.nochflags", PR_ALLOW_CHFLAGS}, + {"allow.mount", "allow.nomount", PR_ALLOW_MOUNT}, + {"allow.quotas", "allow.noquotas", PR_ALLOW_QUOTAS}, + {"allow.socket_af", "allow.nosocket_af", PR_ALLOW_SOCKET_AF}, + {"allow.mount.devfs", "allow.mount.nodevfs", PR_ALLOW_MOUNT_DEVFS}, + {"allow.mount.nullfs", "allow.mount.nonullfs", PR_ALLOW_MOUNT_NULLFS}, + {"allow.mount.zfs", "allow.mount.nozfs", PR_ALLOW_MOUNT_ZFS}, + {"allow.mount.procfs", "allow.mount.noprocfs", PR_ALLOW_MOUNT_PROCFS}, + {"allow.mount.tmpfs", "allow.mount.notmpfs", PR_ALLOW_MOUNT_TMPFS}, + {"allow.mount.fdescfs", "allow.mount.nofdescfs", +PR_ALLOW_MOUNT_FDESCFS}, + {"allow.mount.linprocfs", "allow.mount.nolinprocfs", +PR_ALLOW_MOUNT_LINPROCFS}, + {"allow.mount.linsysfs", "allow.mount.nolinsysfs", +PR_ALLOW_MOUNT_LINSYSFS}, + {"allow.reserved_ports", "allow.noreserved_ports", +PR_ALLOW_RESERVED_PORTS}, }; -const size_t pr_allow_names_size = sizeof(pr_allow_names); +const size_t pr_flag_allow_size = sizeof(pr_flag_allow); -static char *pr_allow_nonames[] = { - "allow.noset_hostname", - "allow.nosysvipc", - "allow.noraw_sockets", - "allow.nochflags", - "allow.nomount", - "allow.noquotas", - "allow.nosocket_af", -
svn commit: r330743 - in head: etc/rc.d share/man/man5
Author: jamie Date: Sat Mar 10 20:13:07 2018 New Revision: 330743 URL: https://svnweb.freebsd.org/changeset/base/330743 Log: Don't warn when the "hostname" rc variable is unset, but the hostname is already non-empty (common in jails). Modified: head/etc/rc.d/hostname head/share/man/man5/rc.conf.5 Modified: head/etc/rc.d/hostname == --- head/etc/rc.d/hostname Sat Mar 10 18:07:31 2018(r330742) +++ head/etc/rc.d/hostname Sat Mar 10 20:13:07 2018(r330743) @@ -60,9 +60,11 @@ hostname_start() # Have we got a hostname yet? # if [ -z "${hostname}" ]; then - # Null hostname is probably OK if DHCP is in use. + # Null hostname is probably OK if DHCP is in use, + # or when hostname is already set (common for jails). # - if [ -z "`list_net_interfaces dhcp`" ]; then + if [ -z "`list_net_interfaces dhcp`" -a \ +-z "`/bin/hostname`" ]; then warn "\$hostname is not set -- see rc.conf(5)." fi return Modified: head/share/man/man5/rc.conf.5 == --- head/share/man/man5/rc.conf.5 Sat Mar 10 18:07:31 2018 (r330742) +++ head/share/man/man5/rc.conf.5 Sat Mar 10 20:13:07 2018 (r330743) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 15, 2018 +.Dd March 10, 2018 .Dt RC.CONF 5 .Os .Sh NAME @@ -421,6 +421,9 @@ If .Xr dhclient 8 is used to set the hostname via DHCP, this variable should be set to an empty string. +Within a +.Xr jail 8 +the hostname is generally already set and this variable may absent. If this value remains unset when the system is done booting your console login will display the default hostname of .Dq Amnesiac . ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r325783 - stable/10/sys/kern
Author: jamie Date: Mon Nov 13 23:21:17 2017 New Revision: 325783 URL: https://svnweb.freebsd.org/changeset/base/325783 Log: MFC r297935: Separate POSIX sem/shm objects in jails, by prepending the jail's path name to the object's "path". While the objects don't have real path names, it's a filesystem-like namespace, which allows jails to be kept to their own space, but still allows the system / jail parent to access a jail's IPC. MFC r297936: Separate POSIX mqueue objects in jails; actually, separate them by the jail's root, so jails that don't have their own filesystem directory also won't have their own mqueue namespace. MFC r297976: Clean up some style(9) violations. MFC r298567: Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX message queues. PR: 208082 Submitted by: delphij Modified: stable/10/sys/kern/uipc_mqueue.c stable/10/sys/kern/uipc_sem.c stable/10/sys/kern/uipc_shm.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/uipc_mqueue.c == --- stable/10/sys/kern/uipc_mqueue.cMon Nov 13 22:16:47 2017 (r325782) +++ stable/10/sys/kern/uipc_mqueue.cMon Nov 13 23:21:17 2017 (r325783) @@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -60,8 +61,8 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include -#include #include #include #include @@ -131,6 +132,7 @@ struct mqfs_node { LIST_HEAD(,mqfs_node) mn_children; LIST_ENTRY(mqfs_node) mn_sibling; LIST_HEAD(,mqfs_vdata) mn_vnodes; + const void *mn_pr_root; int mn_refcount; mqfs_type_t mn_type; int mn_deleted; @@ -218,6 +220,7 @@ static uma_zone_t mvdata_zone; static uma_zone_t mqnoti_zone; static struct vop_vector mqfs_vnodeops; static struct fileops mqueueops; +static unsignedmqfs_osd_jail_slot; /* * Directory structure construction and manipulation @@ -235,6 +238,7 @@ static int mqfs_destroy(struct mqfs_node *mn); static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn); static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn); static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct mqfs_node *pn); +static int mqfs_prison_remove(void *obj, void *data); /* * Message queue construction and maniplation @@ -435,6 +439,7 @@ mqfs_create_node(const char *name, int namelen, struct node = mqnode_alloc(); strncpy(node->mn_name, name, namelen); + node->mn_pr_root = cred->cr_prison->pr_root; node->mn_type = nodetype; node->mn_refcount = 1; vfs_timestamp(>mn_birth); @@ -643,6 +648,9 @@ mqfs_init(struct vfsconf *vfc) { struct mqfs_node *root; struct mqfs_info *mi; + osd_method_t methods[PR_MAXMETHOD] = { + [PR_METHOD_REMOVE] = mqfs_prison_remove, + }; mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); @@ -669,6 +677,7 @@ mqfs_init(struct vfsconf *vfc) EVENTHANDLER_PRI_ANY); mq_fdclose = mqueue_fdclose; p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING); + mqfs_osd_jail_slot = osd_jail_register(NULL, methods); return (0); } @@ -682,6 +691,7 @@ mqfs_uninit(struct vfsconf *vfc) if (!unloadable) return (EOPNOTSUPP); + osd_jail_deregister(mqfs_osd_jail_slot); EVENTHANDLER_DEREGISTER(process_exit, exit_tag); mi = _data; mqfs_destroy(mi->mi_root); @@ -801,13 +811,17 @@ found: * Search a directory entry */ static struct mqfs_node * -mqfs_search(struct mqfs_node *pd, const char *name, int len) +mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred *cred) { struct mqfs_node *pn; + const void *pr_root; sx_assert(>mn_info->mi_lock, SX_LOCKED); + pr_root = cred->cr_prison->pr_root; LIST_FOREACH(pn, >mn_children, mn_sibling) { - if (strncmp(pn->mn_name, name, len) == 0 && + /* Only match names within the same prison root directory */ + if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) && + strncmp(pn->mn_name, name, len) == 0 && pn->mn_name[len] == '\0') return (pn); } @@ -879,7 +893,7 @@ mqfs_lookupx(struct vop_cachedlookup_args *ap) /* named node */ sx_xlock(>mi_lock); - pn = mqfs_search(pd, pname, namelen); + pn = mqfs_search(pd, pname, namelen, cnp->cn_cred); if (pn != NULL)
svn commit: r321796 - head/usr.bin/calendar/calendars
Author: jamie Date: Mon Jul 31 15:29:44 2017 New Revision: 321796 URL: https://svnweb.freebsd.org/changeset/base/321796 Log: Add myself to the birthday calendar. Reminded by: mckusick Modified: head/usr.bin/calendar/calendars/calendar.freebsd Modified: head/usr.bin/calendar/calendars/calendar.freebsd == --- head/usr.bin/calendar/calendars/calendar.freebsdMon Jul 31 15:24:40 2017(r321795) +++ head/usr.bin/calendar/calendars/calendar.freebsdMon Jul 31 15:29:44 2017(r321796) @@ -180,6 +180,7 @@ 05/19 Sofian Brabezborn in Toulouse, France, 1984 05/20 Dan Moschuk died in Burlington, Ontario, Canada, 2010 05/21 Kris Kennaway born in Winnipeg, Manitoba, Canada, 1978 +05/22 James Gritton born in San Francisco, California, United States, 1967 05/22 Clive Tong-I Lin born in Changhua, Taiwan, Republic of China, 1978 05/22 Michael Bushkov born in Rostov-on-Don, Russian Federation, 1985 05/22 Rui Paulo born in Evora, Portugal, 1986 ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r316193 - stable/10/usr.sbin/jail
Author: jamie Date: Thu Mar 30 01:37:37 2017 New Revision: 316193 URL: https://svnweb.freebsd.org/changeset/base/316193 Log: MFC r316022,r316023: Fix hexadecimal escape codes in jail.conf(5). PR: 218154 Submitted by: Masahiro KonishiModified: stable/10/usr.sbin/jail/jaillex.l Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/jaillex.l == --- stable/10/usr.sbin/jail/jaillex.l Thu Mar 30 01:37:34 2017 (r316192) +++ stable/10/usr.sbin/jail/jaillex.l Thu Mar 30 01:37:37 2017 (r316193) @@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in *d = *++s - '0'; else if (s[1] >= 'A' && s[1] <= 'F') *d = *++s + (0xA - 'A'); - else if (s[1] >= 'a' && s[1] <= 'a') + else if (s[1] >= 'a' && s[1] <= 'f') *d = *++s + (0xa - 'a'); else break; @@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in *d = *d * 0x10 + (*++s - '0'); else if (s[1] >= 'A' && s[1] <= 'F') *d = *d * 0x10 + (*++s + (0xA - 'A')); - else if (s[1] >= 'a' && s[1] <= 'a') + else if (s[1] >= 'a' && s[1] <= 'f') *d = *d * 0x10 + (*++s + (0xa - 'a')); } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r316192 - stable/11/usr.sbin/jail
Author: jamie Date: Thu Mar 30 01:37:34 2017 New Revision: 316192 URL: https://svnweb.freebsd.org/changeset/base/316192 Log: MFC r316022,r316023: Fix hexadecimal escape codes in jail.conf(5). PR: 218154 Submitted by: Masahiro KonishiModified: stable/11/usr.sbin/jail/jaillex.l Directory Properties: stable/11/ (props changed) Modified: stable/11/usr.sbin/jail/jaillex.l == --- stable/11/usr.sbin/jail/jaillex.l Thu Mar 30 01:30:27 2017 (r316191) +++ stable/11/usr.sbin/jail/jaillex.l Thu Mar 30 01:37:34 2017 (r316192) @@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in *d = *++s - '0'; else if (s[1] >= 'A' && s[1] <= 'F') *d = *++s + (0xA - 'A'); - else if (s[1] >= 'a' && s[1] <= 'a') + else if (s[1] >= 'a' && s[1] <= 'f') *d = *++s + (0xa - 'a'); else break; @@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in *d = *d * 0x10 + (*++s - '0'); else if (s[1] >= 'A' && s[1] <= 'F') *d = *d * 0x10 + (*++s + (0xA - 'A')); - else if (s[1] >= 'a' && s[1] <= 'a') + else if (s[1] >= 'a' && s[1] <= 'f') *d = *d * 0x10 + (*++s + (0xa - 'a')); } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r316023 - head/usr.sbin/jail
Author: jamie Date: Mon Mar 27 13:37:40 2017 New Revision: 316023 URL: https://svnweb.freebsd.org/changeset/base/316023 Log: Same as r316022 (Fix hexadecimal escape codes in jail.conf(5)), but do it right this time. Reported by: Kyle Evans MFC after:3 days Modified: head/usr.sbin/jail/jaillex.l Modified: head/usr.sbin/jail/jaillex.l == --- head/usr.sbin/jail/jaillex.lMon Mar 27 13:27:39 2017 (r316022) +++ head/usr.sbin/jail/jaillex.lMon Mar 27 13:37:40 2017 (r316023) @@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in *d = *++s - '0'; else if (s[1] >= 'A' && s[1] <= 'F') *d = *++s + (0xA - 'A'); - else if (s[1] >= 'a' && s[1] <= 'F') + else if (s[1] >= 'a' && s[1] <= 'f') *d = *++s + (0xa - 'a'); else break; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r316022 - head/usr.sbin/jail
Author: jamie Date: Mon Mar 27 13:27:39 2017 New Revision: 316022 URL: https://svnweb.freebsd.org/changeset/base/316022 Log: Fix hexadecimal escape codes in jail.conf(5). PR: 218154 Submitted by: Masahiro KonishiMFC after:3 days Modified: head/usr.sbin/jail/jaillex.l Modified: head/usr.sbin/jail/jaillex.l == --- head/usr.sbin/jail/jaillex.lMon Mar 27 12:34:29 2017 (r316021) +++ head/usr.sbin/jail/jaillex.lMon Mar 27 13:27:39 2017 (r316022) @@ -216,7 +216,7 @@ text2lval(size_t triml, size_t trimr, in *d = *++s - '0'; else if (s[1] >= 'A' && s[1] <= 'F') *d = *++s + (0xA - 'A'); - else if (s[1] >= 'a' && s[1] <= 'a') + else if (s[1] >= 'a' && s[1] <= 'F') *d = *++s + (0xa - 'a'); else break; @@ -226,7 +226,7 @@ text2lval(size_t triml, size_t trimr, in *d = *d * 0x10 + (*++s - '0'); else if (s[1] >= 'A' && s[1] <= 'F') *d = *d * 0x10 + (*++s + (0xA - 'A')); - else if (s[1] >= 'a' && s[1] <= 'a') + else if (s[1] >= 'a' && s[1] <= 'f') *d = *d * 0x10 + (*++s + (0xa - 'a')); } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r310530 - head/usr.sbin/jls
Author: jamie Date: Sat Dec 24 23:51:27 2016 New Revision: 310530 URL: https://svnweb.freebsd.org/changeset/base/310530 Log: Improve IP address list representation in libxo output. Extract decision-making about special-case printing of certain jail parameters into a function. Refactor emitting of IPv4 and IPv6 address lists into a function. Resulting user-facing changes: XO_VERSION is bumped to 2. In verbose mode (-v), IPv4 and IPv6-Addresses are now properly emitted as separate lists. This only affects the output in encoding styles, i.e. xml and json. {{ "__version": "1","__version": "2", "jail-information": {"jail-information": { "jail": ["jail": [ {{ "jid": 166, "jid": 166, "hostname": "foo.com", "hostname": "foo.com", "path": "/var/jail/foo", "path": "/var/jail/foo", "name": "foo", "name": "foo", "state": "ACTIVE", "state": "ACTIVE", "cpusetid": 2, "cpusetid": 2, "ipv4_addrs": [ "ipv4_addrs": [ "10.1.1.1", "10.1.1.1", "10.1.1.2", "10.1.1.2", "10.1.1.3", | "10.1.1.3" > ], > "ipv6_addrs": [ "fe80::1000:1", "fe80::1000:1", "fe80::1000:2" "fe80::1000:2" ]] }} ]] }} }} In -n mode, ip4.addr and ip6.addr are formatted in the encoding styles' native list types, e.g. instead of comma-separated lists, JSON arrays are printed. jls -n all --libxo json ... "ip4.addr": [ "10.1.1.1", "10.1.1.2", "10.1.1.3" ], "ip4.saddrsel": true, "ip6.addr": [ "fe80::1000:1", "fe80::1000:2" ], ... jls -n all --libxo xml ... 10.1.1.1 10.1.1.2 10.1.1.3 true fe80::1000:1 fe80::1000:2 ... PR: 215008 Submitted by: Christian SchwarzDifferential Revision:https://reviews.freebsd.org/D8766 Modified: head/usr.sbin/jls/jls.c Modified: head/usr.sbin/jls/jls.c == --- head/usr.sbin/jls/jls.c Sat Dec 24 23:43:14 2016(r310529) +++ head/usr.sbin/jls/jls.c Sat Dec 24 23:51:27 2016(r310530) @@ -51,7 +51,7 @@ __FBSDID("$FreeBSD$"); #defineJP_USER 0x0100 #defineJP_OPT 0x0200 -#define JLS_XO_VERSION "1" +#define JLS_XO_VERSION "2" #definePRINT_DEFAULT 0x01 #definePRINT_HEADER0x02 @@ -77,7 +77,10 @@ static int sort_param(const void *a, con static char *noname(const char *name); static char *nononame(const char *name); static int print_jail(int pflags, int jflags); +static int special_print(int pflags, struct jailparam *param); static void quoted_print(int pflags, char *name, char *value); +static void emit_ip_addr_list(int af_family, const char *list_name, + struct jailparam *param); int main(int argc, char **argv) @@ -379,8 +382,7 @@ print_jail(int pflags, int jflags) { char *nname, *xo_nname; char **param_values; - int i, ai, jid, count, n, spc; - char ipbuf[INET6_ADDRSTRLEN]; + int i, jid, n, spc; jid = jailparam_get(params, nparams, jflags); if (jid < 0) @@ -401,29 +403,13 @@ print_jail(int pflags, int jflags) n = 6; #ifdef INET if (ip4_ok && !strcmp(params[n].jp_name, "ip4.addr")) { - count = params[n].jp_valuelen / sizeof(struct in_addr); - for (ai = 0; ai < count; ai++) - if (inet_ntop(AF_INET, - &((struct in_addr *)params[n].jp_value)[ai], - ipbuf, sizeof(ipbuf)) == NULL) - xo_err(1, "inet_ntop"); - else { - xo_emit("{P: }{l:ipv4_addrs}{P:\n}", ipbuf); - } + emit_ip_addr_list(AF_INET, "ipv4_addrs", params + n); n++; } #endif #ifdef INET6 if (ip6_ok && !strcmp(params[n].jp_name, "ip6.addr")) { - count = params[n].jp_valuelen / sizeof(struct in6_addr); -
svn commit: r302959 - stable/10/etc/rc.d
Author: jamie Date: Sun Jul 17 14:16:21 2016 New Revision: 302959 URL: https://svnweb.freebsd.org/changeset/base/302959 Log: MFC r302857: Start jails non-parallel if jail_parallel_start is NO. This was true for an explicitly specified jail list; now it's also true for all jails. PR: 209112 Modified: stable/10/etc/rc.d/jail Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/rc.d/jail == --- stable/10/etc/rc.d/jail Sun Jul 17 14:15:08 2016(r302958) +++ stable/10/etc/rc.d/jail Sun Jul 17 14:16:21 2016(r302959) @@ -433,6 +433,9 @@ jail_start() command=$jail_program rc_flags=$jail_flags command_args="-f $jail_conf -c" + if ! checkyesno jail_parallel_start; then + command_args="$command_args -p1" + fi _tmp=`mktemp -t jail` || exit 3 if $command $rc_flags $command_args >> $_tmp 2>&1; then $jail_jls jid name | while read _id _name; do @@ -440,7 +443,7 @@ jail_start() echo $_id > /var/run/jail_${_name}.id done else - tail -1 $_tmp + cat $_tmp fi rm -f $_tmp echo '.' @@ -527,7 +530,7 @@ jail_stop() _tmp=`mktemp -t jail` || exit 3 $command $rc_flags $command_args $_j >> $_tmp 2>&1 if $jail_jls -j $_j > /dev/null 2>&1; then - tail -1 $_tmp + cat $_tmp else rm -f /var/run/jail_${_j}.id fi @@ -550,7 +553,7 @@ jail_stop() _tmp=`mktemp -t jail` || exit 3 $command -q -f $_conf -r $_j >> $_tmp 2>&1 if $jail_jls -j $_j > /dev/null 2>&1; then - tail -1 $_tmp + cat $_tmp else rm -f /var/run/jail_${_j}.id fi ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302958 - stable/10/usr.sbin/jail
Author: jamie Date: Sun Jul 17 14:15:08 2016 New Revision: 302958 URL: https://svnweb.freebsd.org/changeset/base/302958 Log: MFC r302856: Fix up the order in which jail creation processes are run, to preserve the config file's order in the non-parallel-start case. PR: 209112 Modified: stable/10/usr.sbin/jail/command.c stable/10/usr.sbin/jail/jailp.h stable/10/usr.sbin/jail/state.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/command.c == --- stable/10/usr.sbin/jail/command.c Sun Jul 17 14:13:47 2016 (r302957) +++ stable/10/usr.sbin/jail/command.c Sun Jul 17 14:15:08 2016 (r302958) @@ -92,9 +92,13 @@ next_command(struct cfjail *j) int create_failed, stopping; if (paralimit == 0) { - requeue(j, ); + if (j->flags & JF_FROM_RUNQ) + requeue_head(j, ); + else + requeue(j, ); return 1; } + j->flags &= ~JF_FROM_RUNQ; create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED; stopping = (j->flags & JF_STOP) != 0; comparam = *j->comparam; @@ -160,20 +164,23 @@ next_command(struct cfjail *j) int finish_command(struct cfjail *j) { + struct cfjail *rj; int error; if (!(j->flags & JF_SLEEPQ)) return 0; j->flags &= ~JF_SLEEPQ; - if (*j->comparam == IP_STOP_TIMEOUT) - { + if (*j->comparam == IP_STOP_TIMEOUT) { j->flags &= ~JF_TIMEOUT; j->pstatus = 0; return 0; } paralimit++; - if (!TAILQ_EMPTY()) - requeue(TAILQ_FIRST(), ); + if (!TAILQ_EMPTY()) { + rj = TAILQ_FIRST(); + rj->flags |= JF_FROM_RUNQ; + requeue(rj, ); + } error = 0; if (j->flags & JF_TIMEOUT) { j->flags &= ~JF_TIMEOUT; @@ -259,7 +266,7 @@ next_proc(int nonblock) } /* - * Run a single command for a jail, possible inside the jail. + * Run a single command for a jail, possibly inside the jail. */ static int run_command(struct cfjail *j) Modified: stable/10/usr.sbin/jail/jailp.h == --- stable/10/usr.sbin/jail/jailp.h Sun Jul 17 14:13:47 2016 (r302957) +++ stable/10/usr.sbin/jail/jailp.h Sun Jul 17 14:15:08 2016 (r302958) @@ -64,6 +64,7 @@ #define JF_PERSIST 0x0100 /* Jail is temporarily persistent */ #define JF_TIMEOUT 0x0200 /* A command (or process kill) timed out */ #define JF_SLEEPQ 0x0400 /* Waiting on a command and/or timeout */ +#define JF_FROM_RUNQ 0x0800 /* Has already been on the run queue */ #define JF_OP_MASK (JF_START | JF_SET | JF_STOP) #define JF_RESTART (JF_START | JF_STOP) @@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void); extern int start_state(const char *target, int docf, unsigned state, int running); extern void requeue(struct cfjail *j, struct cfjails *queue); +extern void requeue_head(struct cfjail *j, struct cfjails *queue); extern void yyerror(const char *); extern int yylex(void); Modified: stable/10/usr.sbin/jail/state.c == --- stable/10/usr.sbin/jail/state.c Sun Jul 17 14:13:47 2016 (r302957) +++ stable/10/usr.sbin/jail/state.c Sun Jul 17 14:15:08 2016 (r302958) @@ -398,6 +398,14 @@ requeue(struct cfjail *j, struct cfjails } } +void +requeue_head(struct cfjail *j, struct cfjails *queue) +{ +TAILQ_REMOVE(j->queue, j, tq); +TAILQ_INSERT_HEAD(queue, j, tq); +j->queue = queue; +} + /* * Add a dependency edge between two jails. */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302956 - stable/10/etc/rc.d
Author: jamie Date: Sun Jul 17 14:12:34 2016 New Revision: 302956 URL: https://svnweb.freebsd.org/changeset/base/302956 Log: MFC r302855: Wait for jails to complete startup if jail_parallel_start is YES, instead of assuming they'll take less than one second. PR: 203172 Submitted by: dmitry2...@yandex.ru Modified: stable/10/etc/rc.d/jail Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/rc.d/jail == --- stable/10/etc/rc.d/jail Sun Jul 17 14:07:51 2016(r302955) +++ stable/10/etc/rc.d/jail Sun Jul 17 14:12:34 2016(r302956) @@ -422,7 +422,7 @@ jail_status() jail_start() { - local _j _jv _jid _jl _id _name + local _j _jv _jid _id _name if [ $# = 0 ]; then return @@ -452,29 +452,30 @@ jail_start() # Start jails in parallel and then check jail id when # jail_parallel_start is YES. # - _jl= for _j in $@; do _j=$(echo $_j | tr /. _) _jv=$(echo -n $_j | tr -c '[:alnum:]' _) parse_options $_j $_jv || continue - _jl="$_jl $_j" eval rc_flags=\${jail_${_jv}_flags:-$jail_flags} eval command=\${jail_${_jv}_program:-$jail_program} command_args="-i -f $_conf -c $_j" - $command $rc_flags $command_args \ - >/dev/null 2>&1 /var/run/jail_${_j}.id - else - echo " cannot start jail " \ - "\"${_hostname:-${_j}}\": " - fi + ( + _tmp=`mktemp -t jail_${_j}` || exit 3 + if $command $rc_flags $command_args \ + >> $_tmp 2>&1 /var/run/jail_${_j}.id + else + echo " cannot start jail " \ + "\"${_hostname:-${_j}}\": " + cat $_tmp + fi + rm -f $_tmp + ) & done + wait else # # Start jails one-by-one when jail_parallel_start is NO. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302955 - stable/11/etc/rc.d
Author: jamie Date: Sun Jul 17 14:07:51 2016 New Revision: 302955 URL: https://svnweb.freebsd.org/changeset/base/302955 Log: MFC r302857: Start jails non-parallel if jail_parallel_start is NO. This was true for an explicitly specified jail list; now it's also true for all jails. PR: 209112 Approved by: re (gjb) Modified: stable/11/etc/rc.d/jail Directory Properties: stable/11/ (props changed) Modified: stable/11/etc/rc.d/jail == --- stable/11/etc/rc.d/jail Sun Jul 17 14:06:17 2016(r302954) +++ stable/11/etc/rc.d/jail Sun Jul 17 14:07:51 2016(r302955) @@ -451,6 +451,9 @@ jail_start() command=$jail_program rc_flags=$jail_flags command_args="-f $jail_conf -c" + if ! checkyesno jail_parallel_start; then + command_args="$command_args -p1" + fi _tmp=`mktemp -t jail` || exit 3 if $command $rc_flags $command_args >> $_tmp 2>&1; then $jail_jls jid name | while read _id _name; do @@ -458,7 +461,7 @@ jail_start() echo $_id > /var/run/jail_${_name}.id done else - tail -1 $_tmp + cat $_tmp fi rm -f $_tmp echo '.' @@ -545,7 +548,7 @@ jail_stop() _tmp=`mktemp -t jail` || exit 3 $command $rc_flags $command_args $_j >> $_tmp 2>&1 if $jail_jls -j $_j > /dev/null 2>&1; then - tail -1 $_tmp + cat $_tmp else rm -f /var/run/jail_${_j}.id fi @@ -568,7 +571,7 @@ jail_stop() _tmp=`mktemp -t jail` || exit 3 $command -q -f $_conf -r $_j >> $_tmp 2>&1 if $jail_jls -j $_j > /dev/null 2>&1; then - tail -1 $_tmp + cat $_tmp else rm -f /var/run/jail_${_j}.id fi ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302954 - stable/11/usr.sbin/jail
Author: jamie Date: Sun Jul 17 14:06:17 2016 New Revision: 302954 URL: https://svnweb.freebsd.org/changeset/base/302954 Log: MFC r302856: Fix up the order in which jail creation processes are run, to preserve the config file's order in the non-parallel-start case. PR: 209112 Approved by: re (gjb) Modified: stable/11/usr.sbin/jail/command.c stable/11/usr.sbin/jail/jailp.h stable/11/usr.sbin/jail/state.c Directory Properties: stable/11/ (props changed) Modified: stable/11/usr.sbin/jail/command.c == --- stable/11/usr.sbin/jail/command.c Sun Jul 17 14:05:11 2016 (r302953) +++ stable/11/usr.sbin/jail/command.c Sun Jul 17 14:06:17 2016 (r302954) @@ -92,9 +92,13 @@ next_command(struct cfjail *j) int create_failed, stopping; if (paralimit == 0) { - requeue(j, ); + if (j->flags & JF_FROM_RUNQ) + requeue_head(j, ); + else + requeue(j, ); return 1; } + j->flags &= ~JF_FROM_RUNQ; create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED; stopping = (j->flags & JF_STOP) != 0; comparam = *j->comparam; @@ -160,20 +164,23 @@ next_command(struct cfjail *j) int finish_command(struct cfjail *j) { + struct cfjail *rj; int error; if (!(j->flags & JF_SLEEPQ)) return 0; j->flags &= ~JF_SLEEPQ; - if (*j->comparam == IP_STOP_TIMEOUT) - { + if (*j->comparam == IP_STOP_TIMEOUT) { j->flags &= ~JF_TIMEOUT; j->pstatus = 0; return 0; } paralimit++; - if (!TAILQ_EMPTY()) - requeue(TAILQ_FIRST(), ); + if (!TAILQ_EMPTY()) { + rj = TAILQ_FIRST(); + rj->flags |= JF_FROM_RUNQ; + requeue(rj, ); + } error = 0; if (j->flags & JF_TIMEOUT) { j->flags &= ~JF_TIMEOUT; @@ -259,7 +266,7 @@ next_proc(int nonblock) } /* - * Run a single command for a jail, possible inside the jail. + * Run a single command for a jail, possibly inside the jail. */ static int run_command(struct cfjail *j) Modified: stable/11/usr.sbin/jail/jailp.h == --- stable/11/usr.sbin/jail/jailp.h Sun Jul 17 14:05:11 2016 (r302953) +++ stable/11/usr.sbin/jail/jailp.h Sun Jul 17 14:06:17 2016 (r302954) @@ -64,6 +64,7 @@ #define JF_PERSIST 0x0100 /* Jail is temporarily persistent */ #define JF_TIMEOUT 0x0200 /* A command (or process kill) timed out */ #define JF_SLEEPQ 0x0400 /* Waiting on a command and/or timeout */ +#define JF_FROM_RUNQ 0x0800 /* Has already been on the run queue */ #define JF_OP_MASK (JF_START | JF_SET | JF_STOP) #define JF_RESTART (JF_START | JF_STOP) @@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void); extern int start_state(const char *target, int docf, unsigned state, int running); extern void requeue(struct cfjail *j, struct cfjails *queue); +extern void requeue_head(struct cfjail *j, struct cfjails *queue); extern void yyerror(const char *); extern int yylex(void); Modified: stable/11/usr.sbin/jail/state.c == --- stable/11/usr.sbin/jail/state.c Sun Jul 17 14:05:11 2016 (r302953) +++ stable/11/usr.sbin/jail/state.c Sun Jul 17 14:06:17 2016 (r302954) @@ -397,6 +397,14 @@ requeue(struct cfjail *j, struct cfjails } } +void +requeue_head(struct cfjail *j, struct cfjails *queue) +{ +TAILQ_REMOVE(j->queue, j, tq); +TAILQ_INSERT_HEAD(queue, j, tq); +j->queue = queue; +} + /* * Add a dependency edge between two jails. */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302953 - stable/11/etc/rc.d
Author: jamie Date: Sun Jul 17 14:05:11 2016 New Revision: 302953 URL: https://svnweb.freebsd.org/changeset/base/302953 Log: MFC r302855: Wait for jails to complete startup if jail_parallel_start is YES, instead of assuming they'll take less than one second. PR: 203172 Submitted by: dmitry2...@yandex.ru Approved by: re (gjb) Modified: stable/11/etc/rc.d/jail Directory Properties: stable/11/ (props changed) Modified: stable/11/etc/rc.d/jail == --- stable/11/etc/rc.d/jail Sun Jul 17 13:43:46 2016(r302952) +++ stable/11/etc/rc.d/jail Sun Jul 17 14:05:11 2016(r302953) @@ -440,7 +440,7 @@ jail_status() jail_start() { - local _j _jv _jid _jl _id _name + local _j _jv _jid _id _name if [ $# = 0 ]; then return @@ -470,29 +470,30 @@ jail_start() # Start jails in parallel and then check jail id when # jail_parallel_start is YES. # - _jl= for _j in $@; do _j=$(echo $_j | tr /. _) _jv=$(echo -n $_j | tr -c '[:alnum:]' _) parse_options $_j $_jv || continue - _jl="$_jl $_j" eval rc_flags=\${jail_${_jv}_flags:-$jail_flags} eval command=\${jail_${_jv}_program:-$jail_program} command_args="-i -f $_conf -c $_j" - $command $rc_flags $command_args \ - >/dev/null 2>&1 /var/run/jail_${_j}.id - else - echo " cannot start jail " \ - "\"${_hostname:-${_j}}\": " - fi + ( + _tmp=`mktemp -t jail_${_j}` || exit 3 + if $command $rc_flags $command_args \ + >> $_tmp 2>&1 /var/run/jail_${_j}.id + else + echo " cannot start jail " \ + "\"${_hostname:-${_j}}\": " + cat $_tmp + fi + rm -f $_tmp + ) & done + wait else # # Start jails one-by-one when jail_parallel_start is NO. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302857 - head/etc/rc.d
Author: jamie Date: Thu Jul 14 20:17:08 2016 New Revision: 302857 URL: https://svnweb.freebsd.org/changeset/base/302857 Log: Start jails non-parallel if jail_parallel_start is NO. This was true for an explicitly specified jail list; now it's also true for all jails. PR: 209112 MFC after:3 days Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail == --- head/etc/rc.d/jail Thu Jul 14 20:15:55 2016(r302856) +++ head/etc/rc.d/jail Thu Jul 14 20:17:08 2016(r302857) @@ -451,6 +451,9 @@ jail_start() command=$jail_program rc_flags=$jail_flags command_args="-f $jail_conf -c" + if ! checkyesno jail_parallel_start; then + command_args="$command_args -p1" + fi _tmp=`mktemp -t jail` || exit 3 if $command $rc_flags $command_args >> $_tmp 2>&1; then $jail_jls jid name | while read _id _name; do @@ -458,7 +461,7 @@ jail_start() echo $_id > /var/run/jail_${_name}.id done else - tail -1 $_tmp + cat $_tmp fi rm -f $_tmp echo '.' @@ -545,7 +548,7 @@ jail_stop() _tmp=`mktemp -t jail` || exit 3 $command $rc_flags $command_args $_j >> $_tmp 2>&1 if $jail_jls -j $_j > /dev/null 2>&1; then - tail -1 $_tmp + cat $_tmp else rm -f /var/run/jail_${_j}.id fi @@ -568,7 +571,7 @@ jail_stop() _tmp=`mktemp -t jail` || exit 3 $command -q -f $_conf -r $_j >> $_tmp 2>&1 if $jail_jls -j $_j > /dev/null 2>&1; then - tail -1 $_tmp + cat $_tmp else rm -f /var/run/jail_${_j}.id fi ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302856 - head/usr.sbin/jail
Author: jamie Date: Thu Jul 14 20:15:55 2016 New Revision: 302856 URL: https://svnweb.freebsd.org/changeset/base/302856 Log: Fix up the order in which jail creation processes are run, to preserve the config file's order in the non-parallel-start case. PR: 209112 MFC after:3 days Modified: head/usr.sbin/jail/command.c head/usr.sbin/jail/jailp.h head/usr.sbin/jail/state.c Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cThu Jul 14 19:51:54 2016 (r302855) +++ head/usr.sbin/jail/command.cThu Jul 14 20:15:55 2016 (r302856) @@ -92,9 +92,13 @@ next_command(struct cfjail *j) int create_failed, stopping; if (paralimit == 0) { - requeue(j, ); + if (j->flags & JF_FROM_RUNQ) + requeue_head(j, ); + else + requeue(j, ); return 1; } + j->flags &= ~JF_FROM_RUNQ; create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED; stopping = (j->flags & JF_STOP) != 0; comparam = *j->comparam; @@ -160,20 +164,23 @@ next_command(struct cfjail *j) int finish_command(struct cfjail *j) { + struct cfjail *rj; int error; if (!(j->flags & JF_SLEEPQ)) return 0; j->flags &= ~JF_SLEEPQ; - if (*j->comparam == IP_STOP_TIMEOUT) - { + if (*j->comparam == IP_STOP_TIMEOUT) { j->flags &= ~JF_TIMEOUT; j->pstatus = 0; return 0; } paralimit++; - if (!TAILQ_EMPTY()) - requeue(TAILQ_FIRST(), ); + if (!TAILQ_EMPTY()) { + rj = TAILQ_FIRST(); + rj->flags |= JF_FROM_RUNQ; + requeue(rj, ); + } error = 0; if (j->flags & JF_TIMEOUT) { j->flags &= ~JF_TIMEOUT; @@ -259,7 +266,7 @@ next_proc(int nonblock) } /* - * Run a single command for a jail, possible inside the jail. + * Run a single command for a jail, possibly inside the jail. */ static int run_command(struct cfjail *j) Modified: head/usr.sbin/jail/jailp.h == --- head/usr.sbin/jail/jailp.h Thu Jul 14 19:51:54 2016(r302855) +++ head/usr.sbin/jail/jailp.h Thu Jul 14 20:15:55 2016(r302856) @@ -64,6 +64,7 @@ #define JF_PERSIST 0x0100 /* Jail is temporarily persistent */ #define JF_TIMEOUT 0x0200 /* A command (or process kill) timed out */ #define JF_SLEEPQ 0x0400 /* Waiting on a command and/or timeout */ +#define JF_FROM_RUNQ 0x0800 /* Has already been on the run queue */ #define JF_OP_MASK (JF_START | JF_SET | JF_STOP) #define JF_RESTART (JF_START | JF_STOP) @@ -223,6 +224,7 @@ extern struct cfjail *next_jail(void); extern int start_state(const char *target, int docf, unsigned state, int running); extern void requeue(struct cfjail *j, struct cfjails *queue); +extern void requeue_head(struct cfjail *j, struct cfjails *queue); extern void yyerror(const char *); extern int yylex(void); Modified: head/usr.sbin/jail/state.c == --- head/usr.sbin/jail/state.c Thu Jul 14 19:51:54 2016(r302855) +++ head/usr.sbin/jail/state.c Thu Jul 14 20:15:55 2016(r302856) @@ -397,6 +397,14 @@ requeue(struct cfjail *j, struct cfjails } } +void +requeue_head(struct cfjail *j, struct cfjails *queue) +{ +TAILQ_REMOVE(j->queue, j, tq); +TAILQ_INSERT_HEAD(queue, j, tq); +j->queue = queue; +} + /* * Add a dependency edge between two jails. */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r302855 - head/etc/rc.d
Author: jamie Date: Thu Jul 14 19:51:54 2016 New Revision: 302855 URL: https://svnweb.freebsd.org/changeset/base/302855 Log: Wait for jails to complete startup if jail_parallel_start is YES, instead of assuming they'll take less than one second. PR: 203172 Submitted by: dmitry2...@yandex.ru Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail == --- head/etc/rc.d/jail Thu Jul 14 18:49:05 2016(r302854) +++ head/etc/rc.d/jail Thu Jul 14 19:51:54 2016(r302855) @@ -440,7 +440,7 @@ jail_status() jail_start() { - local _j _jv _jid _jl _id _name + local _j _jv _jid _id _name if [ $# = 0 ]; then return @@ -470,29 +470,30 @@ jail_start() # Start jails in parallel and then check jail id when # jail_parallel_start is YES. # - _jl= for _j in $@; do _j=$(echo $_j | tr /. _) _jv=$(echo -n $_j | tr -c '[:alnum:]' _) parse_options $_j $_jv || continue - _jl="$_jl $_j" eval rc_flags=\${jail_${_jv}_flags:-$jail_flags} eval command=\${jail_${_jv}_program:-$jail_program} command_args="-i -f $_conf -c $_j" - $command $rc_flags $command_args \ - >/dev/null 2>&1 /var/run/jail_${_j}.id - else - echo " cannot start jail " \ - "\"${_hostname:-${_j}}\": " - fi + ( + _tmp=`mktemp -t jail_${_j}` || exit 3 + if $command $rc_flags $command_args \ + >> $_tmp 2>&1 /var/run/jail_${_j}.id + else + echo " cannot start jail " \ + "\"${_hostname:-${_j}}\": " + cat $_tmp + fi + rm -f $_tmp + ) & done + wait else # # Start jails one-by-one when jail_parallel_start is NO. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301910 - stable/10/sys/kern
Author: jamie Date: Wed Jun 15 01:59:55 2016 New Revision: 301910 URL: https://svnweb.freebsd.org/changeset/base/301910 Log: MFC r301764: Fix a vnode leak when giving a child jail a too-long path when debug.disablefullpath=1. Modified: stable/10/sys/kern/kern_jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Wed Jun 15 01:58:54 2016 (r301909) +++ stable/10/sys/kern/kern_jail.c Wed Jun 15 01:59:55 2016 (r301910) @@ -1022,6 +1022,7 @@ kern_jail_set(struct thread *td, struct if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/") ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) { error = ENAMETOOLONG; + vrele(root); goto done_free; } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301909 - stable/10/sys/kern
Author: jamie Date: Wed Jun 15 01:58:54 2016 New Revision: 301909 URL: https://svnweb.freebsd.org/changeset/base/301909 Log: MFC r301760: Re-order some jail parameter reading to prevent a vnode leak. Modified: stable/10/sys/kern/kern_jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Wed Jun 15 01:57:22 2016 (r301908) +++ stable/10/sys/kern/kern_jail.c Wed Jun 15 01:58:54 2016 (r301909) @@ -932,6 +932,46 @@ kern_jail_set(struct thread *td, struct } #endif + error = vfs_getopt(opts, "osrelease", (void **), ); + if (error == ENOENT) + osrelstr = NULL; + else if (error != 0) + goto done_free; + else { + if (flags & JAIL_UPDATE) { + error = EINVAL; + vfs_opterror(opts, + "osrelease cannot be changed after creation"); + goto done_errmsg; + } + if (len == 0 || len >= OSRELEASELEN) { + error = EINVAL; + vfs_opterror(opts, + "osrelease string must be 1-%d bytes long", + OSRELEASELEN - 1); + goto done_errmsg; + } + } + + error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt)); + if (error == ENOENT) + osreldt = 0; + else if (error != 0) + goto done_free; + else { + if (flags & JAIL_UPDATE) { + error = EINVAL; + vfs_opterror(opts, + "osreldate cannot be changed after creation"); + goto done_errmsg; + } + if (osreldt == 0) { + error = EINVAL; + vfs_opterror(opts, "osreldate cannot be 0"); + goto done_errmsg; + } + } + fullpath_disabled = 0; root = NULL; error = vfs_getopt(opts, "path", (void **), ); @@ -987,46 +1027,6 @@ kern_jail_set(struct thread *td, struct } } - error = vfs_getopt(opts, "osrelease", (void **), ); - if (error == ENOENT) - osrelstr = NULL; - else if (error != 0) - goto done_free; - else { - if (flags & JAIL_UPDATE) { - error = EINVAL; - vfs_opterror(opts, - "osrelease cannot be changed after creation"); - goto done_errmsg; - } - if (len == 0 || len >= OSRELEASELEN) { - error = EINVAL; - vfs_opterror(opts, - "osrelease string must be 1-%d bytes long", - OSRELEASELEN - 1); - goto done_errmsg; - } - } - - error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt)); - if (error == ENOENT) - osreldt = 0; - else if (error != 0) - goto done_free; - else { - if (flags & JAIL_UPDATE) { - error = EINVAL; - vfs_opterror(opts, - "osreldate cannot be changed after creation"); - goto done_errmsg; - } - if (osreldt == 0) { - error = EINVAL; - vfs_opterror(opts, "osreldate cannot be 0"); - goto done_errmsg; - } - } - /* * Find the specified jail, or at least its parent. * This abuses the file error codes ENOENT and EEXIST. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301908 - stable/10/sys/kern
Author: jamie Date: Wed Jun 15 01:57:22 2016 New Revision: 301908 URL: https://svnweb.freebsd.org/changeset/base/301908 Log: MFC r301758: Clean up some logic in jail error messages, replacing a missing test and a redundant test with a single correct test. Modified: stable/10/sys/kern/kern_jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Wed Jun 15 01:56:20 2016 (r301907) +++ stable/10/sys/kern/kern_jail.c Wed Jun 15 01:57:22 2016 (r301908) @@ -1943,19 +1943,17 @@ kern_jail_set(struct thread *td, struct vrele(root); done_errmsg: if (error) { - vfs_getopt(opts, "errmsg", (void **), _len); - if (errmsg_len > 0) { + if (vfs_getopt(opts, "errmsg", (void **), + _len) == 0 && errmsg_len > 0) { errmsg_pos = 2 * vfs_getopt_pos(opts, "errmsg") + 1; - if (errmsg_pos > 0) { - if (optuio->uio_segflg == UIO_SYSSPACE) - bcopy(errmsg, - optuio->uio_iov[errmsg_pos].iov_base, - errmsg_len); - else - copyout(errmsg, - optuio->uio_iov[errmsg_pos].iov_base, - errmsg_len); - } + if (optuio->uio_segflg == UIO_SYSSPACE) + bcopy(errmsg, + optuio->uio_iov[errmsg_pos].iov_base, + errmsg_len); + else + copyout(errmsg, + optuio->uio_iov[errmsg_pos].iov_base, + errmsg_len); } } done_free: ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301907 - stable/10/sys/kern
Author: jamie Date: Wed Jun 15 01:56:20 2016 New Revision: 301907 URL: https://svnweb.freebsd.org/changeset/base/301907 Log: MFC r301745: Make sure the OSD methods for jail set and remove can't run concurrently, by holding allprison_lock exclusively (even if only for a moment before downgrading) on all paths that call PR_METHOD_REMOVE. Since they may run on a downgraded lock, it's still possible for them to run concurrently with PR_METHOD_GET, which will need to use the prison lock. Modified: stable/10/sys/kern/kern_jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Wed Jun 15 01:54:17 2016 (r301906) +++ stable/10/sys/kern/kern_jail.c Wed Jun 15 01:56:20 2016 (r301907) @@ -2400,7 +2400,14 @@ sys_jail_attach(struct thread *td, struc if (error) return (error); - sx_slock(_lock); + /* +* Start with exclusive hold on allprison_lock to ensure that a possible +* PR_METHOD_REMOVE call isn't concurrent with jail_set or jail_remove. +* But then immediately downgrade it since we don't need to stop +* readers. +*/ + sx_xlock(_lock); + sx_downgrade(_lock); pr = prison_find_child(td->td_ucred->cr_prison, uap->jid); if (pr == NULL) { sx_sunlock(_lock); @@ -2618,9 +2625,11 @@ prison_complete(void *context, int pendi { struct prison *pr = context; + sx_xlock(_lock); mtx_lock(>pr_mtx); prison_deref(pr, pr->pr_uref - ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED); + ? PD_DEREF | PD_DEUREF | PD_LOCKED | PD_LIST_XLOCKED + : PD_LOCKED | PD_LIST_XLOCKED); } /* @@ -2664,13 +2673,8 @@ prison_deref(struct prison *pr, int flag */ if (lasturef) { if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) { - if (ref > 1) { - sx_slock(_lock); - flags |= PD_LIST_SLOCKED; - } else { - sx_xlock(_lock); - flags |= PD_LIST_XLOCKED; - } + sx_xlock(_lock); + flags |= PD_LIST_XLOCKED; } (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL); mtx_lock(>pr_mtx); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301906 - stable/10/sys/kern
Author: jamie Date: Wed Jun 15 01:54:17 2016 New Revision: 301906 URL: https://svnweb.freebsd.org/changeset/base/301906 Log: MFC r301737: Remove a comment that was part of copied code, and is misleading in the new location. Modified: stable/10/sys/kern/sysv_msg.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/sysv_msg.c == --- stable/10/sys/kern/sysv_msg.c Wed Jun 15 01:49:01 2016 (r301905) +++ stable/10/sys/kern/sysv_msg.c Wed Jun 15 01:54:17 2016 (r301906) @@ -326,12 +326,6 @@ msgunload() #endif for (msqid = 0; msqid < msginfo.msgmni; msqid++) { - /* -* Look for an unallocated and unlocked msqid_ds. -* msqid_ds's can be locked by msgsnd or msgrcv while -* they are copying the message in/out. We can't -* re-use the entry until they release it. -*/ msqkptr = [msqid]; if (msqkptr->u.msg_qbytes != 0 || (msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301905 - in stable/10: lib/libc/sys sys/kern
Author: jamie Date: Wed Jun 15 01:49:01 2016 New Revision: 301905 URL: https://svnweb.freebsd.org/changeset/base/301905 Log: MFC r300983: Mark jail(2), and the sysctls that it (and only it) uses as deprecated. jail(8) has long used jail_set(2), and those sysctl only cause confusion. Modified: stable/10/lib/libc/sys/jail.2 stable/10/sys/kern/kern_jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libc/sys/jail.2 == --- stable/10/lib/libc/sys/jail.2 Wed Jun 15 01:42:53 2016 (r301904) +++ stable/10/lib/libc/sys/jail.2 Wed Jun 15 01:49:01 2016 (r301905) @@ -106,7 +106,7 @@ pointers can be set to an arrays of IPv4 the prison, or NULL if none. IPv4 addresses must be in network byte order. .Pp -This is equivalent to the +This is equivalent to, and deprecated in favor of, the .Fn jail_set system call (see below), with the parameters .Va path , Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Wed Jun 15 01:42:53 2016 (r301904) +++ stable/10/sys/kern/kern_jail.c Wed Jun 15 01:49:01 2016 (r301905) @@ -4306,7 +4306,7 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vn #if defined(INET) || defined(INET6) SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, _max_af_ips, 0, -"Number of IP addresses a jail may have at most per address family"); +"Number of IP addresses a jail may have at most per address family (deprecated)"); #endif /* @@ -4346,59 +4346,59 @@ sysctl_jail_default_allow(SYSCTL_HANDLER SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I", -"Processes in jail can set their hostnames"); +"Processes in jail can set their hostnames (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I", -"Processes in jail are limited to creating UNIX/IP/route sockets only"); +"Processes in jail are limited to creating UNIX/IP/route sockets only (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I", -"Processes in jail can use System V IPC primitives"); +"Processes in jail can use System V IPC primitives (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I", -"Prison root can create raw sockets"); +"Prison root can create raw sockets (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I", -"Processes in jail can alter system file flags"); +"Processes in jail can alter system file flags (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I", -"Processes in jail can mount/unmount jail-friendly file systems"); +"Processes in jail can mount/unmount jail-friendly file systems (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_devfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the devfs file system"); +"Processes in jail can mount the devfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_fdescfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_FDESCFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the fdescfs file system"); +"Processes in jail can mount the fdescfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the nullfs file system"); +"Processes in jail can mount the nullfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_procfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_PROCFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the procfs file system"); +"Processes in jail can mount the procfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_linprocfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_LINPROCFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the
svn commit: r301764 - head/sys/kern
Author: jamie Date: Thu Jun 9 21:59:11 2016 New Revision: 301764 URL: https://svnweb.freebsd.org/changeset/base/301764 Log: Fix a vnode leak when giving a child jail a too-long path when debug.disablefullpath=1. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Jun 9 21:57:34 2016(r301763) +++ head/sys/kern/kern_jail.c Thu Jun 9 21:59:11 2016(r301764) @@ -1010,6 +1010,7 @@ kern_jail_set(struct thread *td, struct if (len + (path[0] == '/' && strcmp(mypr->pr_path, "/") ? strlen(mypr->pr_path) : 0) > MAXPATHLEN) { error = ENAMETOOLONG; + vrele(root); goto done_free; } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301760 - head/sys/kern
Author: jamie Date: Thu Jun 9 20:43:14 2016 New Revision: 301760 URL: https://svnweb.freebsd.org/changeset/base/301760 Log: Re-order some jail parameter reading to prevent a vnode leak. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Jun 9 20:40:12 2016(r301759) +++ head/sys/kern/kern_jail.c Thu Jun 9 20:43:14 2016(r301760) @@ -920,6 +920,46 @@ kern_jail_set(struct thread *td, struct } #endif + error = vfs_getopt(opts, "osrelease", (void **), ); + if (error == ENOENT) + osrelstr = NULL; + else if (error != 0) + goto done_free; + else { + if (flags & JAIL_UPDATE) { + error = EINVAL; + vfs_opterror(opts, + "osrelease cannot be changed after creation"); + goto done_errmsg; + } + if (len == 0 || len >= OSRELEASELEN) { + error = EINVAL; + vfs_opterror(opts, + "osrelease string must be 1-%d bytes long", + OSRELEASELEN - 1); + goto done_errmsg; + } + } + + error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt)); + if (error == ENOENT) + osreldt = 0; + else if (error != 0) + goto done_free; + else { + if (flags & JAIL_UPDATE) { + error = EINVAL; + vfs_opterror(opts, + "osreldate cannot be changed after creation"); + goto done_errmsg; + } + if (osreldt == 0) { + error = EINVAL; + vfs_opterror(opts, "osreldate cannot be 0"); + goto done_errmsg; + } + } + fullpath_disabled = 0; root = NULL; error = vfs_getopt(opts, "path", (void **), ); @@ -975,46 +1015,6 @@ kern_jail_set(struct thread *td, struct } } - error = vfs_getopt(opts, "osrelease", (void **), ); - if (error == ENOENT) - osrelstr = NULL; - else if (error != 0) - goto done_free; - else { - if (flags & JAIL_UPDATE) { - error = EINVAL; - vfs_opterror(opts, - "osrelease cannot be changed after creation"); - goto done_errmsg; - } - if (len == 0 || len >= OSRELEASELEN) { - error = EINVAL; - vfs_opterror(opts, - "osrelease string must be 1-%d bytes long", - OSRELEASELEN - 1); - goto done_errmsg; - } - } - - error = vfs_copyopt(opts, "osreldate", , sizeof(osreldt)); - if (error == ENOENT) - osreldt = 0; - else if (error != 0) - goto done_free; - else { - if (flags & JAIL_UPDATE) { - error = EINVAL; - vfs_opterror(opts, - "osreldate cannot be changed after creation"); - goto done_errmsg; - } - if (osreldt == 0) { - error = EINVAL; - vfs_opterror(opts, "osreldate cannot be 0"); - goto done_errmsg; - } - } - /* * Find the specified jail, or at least its parent. * This abuses the file error codes ENOENT and EEXIST. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301758 - head/sys/kern
Author: jamie Date: Thu Jun 9 20:39:57 2016 New Revision: 301758 URL: https://svnweb.freebsd.org/changeset/base/301758 Log: Clean up some logic in jail error messages, replacing a missing test and a redundant test with a single correct test. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Jun 9 20:23:30 2016(r301757) +++ head/sys/kern/kern_jail.c Thu Jun 9 20:39:57 2016(r301758) @@ -1929,19 +1929,17 @@ kern_jail_set(struct thread *td, struct vrele(root); done_errmsg: if (error) { - vfs_getopt(opts, "errmsg", (void **), _len); - if (errmsg_len > 0) { + if (vfs_getopt(opts, "errmsg", (void **), + _len) == 0 && errmsg_len > 0) { errmsg_pos = 2 * vfs_getopt_pos(opts, "errmsg") + 1; - if (errmsg_pos > 0) { - if (optuio->uio_segflg == UIO_SYSSPACE) - bcopy(errmsg, - optuio->uio_iov[errmsg_pos].iov_base, - errmsg_len); - else - copyout(errmsg, - optuio->uio_iov[errmsg_pos].iov_base, - errmsg_len); - } + if (optuio->uio_segflg == UIO_SYSSPACE) + bcopy(errmsg, + optuio->uio_iov[errmsg_pos].iov_base, + errmsg_len); + else + copyout(errmsg, + optuio->uio_iov[errmsg_pos].iov_base, + errmsg_len); } } done_free: ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301745 - head/sys/kern
Author: jamie Date: Thu Jun 9 16:41:41 2016 New Revision: 301745 URL: https://svnweb.freebsd.org/changeset/base/301745 Log: Make sure the OSD methods for jail set and remove can't run concurrently, by holding allprison_lock exclusively (even if only for a moment before downgrading) on all paths that call PR_METHOD_REMOVE. Since they may run on a downgraded lock, it's still possible for them to run concurrently with PR_METHOD_GET, which will need to use the prison lock. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Jun 9 16:30:27 2016(r301744) +++ head/sys/kern/kern_jail.c Thu Jun 9 16:41:41 2016(r301745) @@ -2383,7 +2383,14 @@ sys_jail_attach(struct thread *td, struc if (error) return (error); - sx_slock(_lock); + /* +* Start with exclusive hold on allprison_lock to ensure that a possible +* PR_METHOD_REMOVE call isn't concurrent with jail_set or jail_remove. +* But then immediately downgrade it since we don't need to stop +* readers. +*/ + sx_xlock(_lock); + sx_downgrade(_lock); pr = prison_find_child(td->td_ucred->cr_prison, uap->jid); if (pr == NULL) { sx_sunlock(_lock); @@ -2601,9 +2608,11 @@ prison_complete(void *context, int pendi { struct prison *pr = context; + sx_xlock(_lock); mtx_lock(>pr_mtx); prison_deref(pr, pr->pr_uref - ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED); + ? PD_DEREF | PD_DEUREF | PD_LOCKED | PD_LIST_XLOCKED + : PD_LOCKED | PD_LIST_XLOCKED); } /* @@ -2647,13 +2656,8 @@ prison_deref(struct prison *pr, int flag */ if (lasturef) { if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) { - if (ref > 1) { - sx_slock(_lock); - flags |= PD_LIST_SLOCKED; - } else { - sx_xlock(_lock); - flags |= PD_LIST_XLOCKED; - } + sx_xlock(_lock); + flags |= PD_LIST_XLOCKED; } (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL); mtx_lock(>pr_mtx); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301737 - head/sys/kern
Author: jamie Date: Thu Jun 9 15:34:33 2016 New Revision: 301737 URL: https://svnweb.freebsd.org/changeset/base/301737 Log: Remove a comment that was part of copied code, and is misleading in the new location. Modified: head/sys/kern/sysv_msg.c Modified: head/sys/kern/sysv_msg.c == --- head/sys/kern/sysv_msg.cThu Jun 9 15:19:48 2016(r301736) +++ head/sys/kern/sysv_msg.cThu Jun 9 15:34:33 2016(r301737) @@ -320,12 +320,6 @@ msgunload() #endif for (msqid = 0; msqid < msginfo.msgmni; msqid++) { - /* -* Look for an unallocated and unlocked msqid_ds. -* msqid_ds's can be locked by msgsnd or msgrcv while -* they are copying the message in/out. We can't -* re-use the entry until they release it. -*/ msqkptr = [msqid]; if (msqkptr->u.msg_qbytes != 0 || (msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r300983 - in head: lib/libc/sys sys/kern
Author: jamie Date: Mon May 30 05:21:24 2016 New Revision: 300983 URL: https://svnweb.freebsd.org/changeset/base/300983 Log: Mark jail(2), and the sysctls that it (and only it) uses as deprecated. jail(8) has long used jail_set(2), and those sysctl only cause confusion. Modified: head/lib/libc/sys/jail.2 head/sys/kern/kern_jail.c Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Mon May 30 04:48:06 2016(r300982) +++ head/lib/libc/sys/jail.2Mon May 30 05:21:24 2016(r300983) @@ -106,7 +106,7 @@ pointers can be set to an arrays of IPv4 the prison, or NULL if none. IPv4 addresses must be in network byte order. .Pp -This is equivalent to the +This is equivalent to, and deprecated in favor of, the .Fn jail_set system call (see below), with the parameters .Va path , Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Mon May 30 04:48:06 2016(r300982) +++ head/sys/kern/kern_jail.c Mon May 30 05:21:24 2016(r300983) @@ -4276,7 +4276,7 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vn #if defined(INET) || defined(INET6) SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, _max_af_ips, 0, -"Number of IP addresses a jail may have at most per address family"); +"Number of IP addresses a jail may have at most per address family (deprecated)"); #endif /* @@ -4316,59 +4316,59 @@ sysctl_jail_default_allow(SYSCTL_HANDLER SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I", -"Processes in jail can set their hostnames"); +"Processes in jail can set their hostnames (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I", -"Processes in jail are limited to creating UNIX/IP/route sockets only"); +"Processes in jail are limited to creating UNIX/IP/route sockets only (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I", -"Processes in jail can use System V IPC primitives"); +"Processes in jail can use System V IPC primitives (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I", -"Prison root can create raw sockets"); +"Prison root can create raw sockets (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I", -"Processes in jail can alter system file flags"); +"Processes in jail can alter system file flags (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I", -"Processes in jail can mount/unmount jail-friendly file systems"); +"Processes in jail can mount/unmount jail-friendly file systems (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_devfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_DEVFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the devfs file system"); +"Processes in jail can mount the devfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_fdescfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_FDESCFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the fdescfs file system"); +"Processes in jail can mount the fdescfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_nullfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_NULLFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the nullfs file system"); +"Processes in jail can mount the nullfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_procfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_PROCFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the procfs file system"); +"Processes in jail can mount the procfs file system (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_linprocfs_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT_LINPROCFS, sysctl_jail_default_allow, "I", -"Processes in jail can mount the linprocfs file system"); +"Processes in jail can mount the linprocfs file system (deprecated)"); SYSCTL_PROC(_security_jail,
svn commit: r298889 - stable/10/usr.sbin/jail
Author: jamie Date: Sun May 1 16:49:32 2016 New Revision: 298889 URL: https://svnweb.freebsd.org/changeset/base/298889 Log: MFC r29: typo Submitted by: Jimmy Olgeni Modified: stable/10/usr.sbin/jail/jail.8 Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/jail.8 == --- stable/10/usr.sbin/jail/jail.8 Sun May 1 16:48:03 2016 (r29) +++ stable/10/usr.sbin/jail/jail.8 Sun May 1 16:49:32 2016 (r298889) @@ -653,7 +653,7 @@ its keys. If set to .Dq disable , the jail cannot perform any sysvmsg-related system calls. -.It Va sysvsem, sysvmsg +.It Va sysvsem, sysvshm Allow access to SYSV IPC semaphore and shared memory primitives, in the same manner as .Va sysvmsg. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298888 - head/usr.sbin/jail
Author: jamie Date: Sun May 1 16:48:03 2016 New Revision: 29 URL: https://svnweb.freebsd.org/changeset/base/29 Log: typo Submitted by: Jimmy Olgeni Modified: head/usr.sbin/jail/jail.8 Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Sun May 1 16:43:22 2016(r298887) +++ head/usr.sbin/jail/jail.8 Sun May 1 16:48:03 2016(r29) @@ -653,7 +653,7 @@ its keys. If set to .Dq disable , the jail cannot perform any sysvmsg-related system calls. -.It Va sysvsem, sysvmsg +.It Va sysvsem, sysvshm Allow access to SYSV IPC semaphore and shared memory primitives, in the same manner as .Va sysvmsg. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298863 - in head: share/man/man5 usr.sbin/jail
Author: jamie Date: Sat Apr 30 21:27:41 2016 New Revision: 298863 URL: https://svnweb.freebsd.org/changeset/base/298863 Log: Clarify when happens when there is a "depend" parameter in jail.conf, and how this affects the "jail_list" option in rc.conf. Modified: head/share/man/man5/rc.conf.5 head/usr.sbin/jail/jail.8 Modified: head/share/man/man5/rc.conf.5 == --- head/share/man/man5/rc.conf.5 Sat Apr 30 20:05:23 2016 (r298862) +++ head/share/man/man5/rc.conf.5 Sat Apr 30 21:27:41 2016 (r298863) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 29, 2016 +.Dd April 30, 2016 .Dt RC.CONF 5 .Os .Sh NAME @@ -3868,6 +3868,9 @@ The names specified in this list control instances missing from .Va jail_list must be started manually. +Note that a jail's +.Va depend +parameter in the configuration file may override this list. .It Va jail_reverse_stop .Pq Vt bool When set to Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Sat Apr 30 20:05:23 2016(r298862) +++ head/usr.sbin/jail/jail.8 Sat Apr 30 21:27:41 2016(r298863) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 25, 2016 +.Dd April 30, 2016 .Dt JAIL 8 .Os .Sh NAME @@ -838,13 +838,14 @@ Allow making changes to a jail. .It Va depend Specify a jail (or jails) that this jail depends on. -Any such jails must be fully created, up to the last +When this jail is to be created, any jail(s) it depends on must already exist. +If not, they will be created automatically, up to the completion of the last .Va exec.poststart command, before any action will taken to create this jail. When jails are removed the opposite is true: -this jail must be fully removed, up to the last +this jail will be removed, up to the last .Va exec.poststop -command, before the jail(s) it depends on are stopped. +command, before any jail(s) it depends on are stopped. .El .Sh EXAMPLES Jails are typically set up using one of two philosophies: either to ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298852 - in stable/10: etc/defaults etc/rc.d share/man/man5
Author: jamie Date: Sat Apr 30 15:06:18 2016 New Revision: 298852 URL: https://svnweb.freebsd.org/changeset/base/298852 Log: MFC r295471: Add new rc.conf parameter "jail_reverse_stop" When a user defines "jail_list" in rc.conf the jails are started in the order defined. Currently the jails are not are stopped in reverse order which may break dependencies between jails/services and prevent a clean shutdown. The new parameter "jail_reverse_stop" will shutdown jails in "jail_list" in reverse order when set to "YES". Please note that this does not affect manual invocation of the jail rc script. If a user runs the command # service jail stop jail1 jail2 jail3 the jails will be stopped in exactly the order specified regardless of jail_reverse_stop being defined in rc.conf. MFC r295568: Document the new jail_reverse_stop parameter While here clean up the documentation for jail_list PR: 196152 Submitted by: feld Modified: stable/10/etc/defaults/rc.conf stable/10/etc/rc.d/jail stable/10/share/man/man5/rc.conf.5 Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/defaults/rc.conf == --- stable/10/etc/defaults/rc.conf Sat Apr 30 14:48:30 2016 (r298851) +++ stable/10/etc/defaults/rc.conf Sat Apr 30 15:06:18 2016 (r298852) @@ -700,6 +700,7 @@ rctl_rules="/etc/rctl.conf" # rctl(8) ru jail_enable="NO" # Set to NO to disable starting of any jails jail_parallel_start="NO" # Start jails in the background jail_list="" # Space separated list of names of jails +jail_reverse_stop="NO" # Stop jails in reverse order ## ### Define source_rc_confs, the mechanism used by /etc/rc.* ## Modified: stable/10/etc/rc.d/jail == --- stable/10/etc/rc.d/jail Sat Apr 30 14:48:30 2016(r298851) +++ stable/10/etc/rc.d/jail Sat Apr 30 15:06:18 2016(r298852) @@ -517,7 +517,11 @@ jail_stop() command=$jail_program rc_flags=$jail_flags command_args="-f $jail_conf -r" - $jail_jls name | while read _j; do + if checkyesno jail_reverse_stop; then + $jail_jls name | tail -r + else + $jail_jls name + fi | while read _j; do echo -n " $_j" _tmp=`mktemp -t jail` || exit 3 $command $rc_flags $command_args $_j >> $_tmp 2>&1 @@ -532,6 +536,7 @@ jail_stop() return ;; esac + checkyesno jail_reverse_stop && set -- $(reverse_list $@) for _j in $@; do _j=$(echo $_j | tr /. _) _jv=$(echo -n $_j | tr -c '[:alnum:]' _) @@ -567,5 +572,6 @@ jail_warn() load_rc_config $name case $# in 1) run_rc_command $@ ${jail_list:-_ALL} ;; -*) run_rc_command $@ ;; +*) jail_reverse_stop="no" + run_rc_command $@ ;; esac Modified: stable/10/share/man/man5/rc.conf.5 == --- stable/10/share/man/man5/rc.conf.5 Sat Apr 30 14:48:30 2016 (r298851) +++ stable/10/share/man/man5/rc.conf.5 Sat Apr 30 15:06:18 2016 (r298852) @@ -3938,20 +3938,22 @@ for every jail in .Va jail_list . .It Va jail_list .Pq Vt str -A space separated list of names for jails. -If this variable is empty, -all of +A space-delimited list of jail names. +When left empty, all of the .Xr jail 8 -instances in the configuration file will be configured. -This is purely a configuration aid to help identify and -configure multiple jails. -The names specified in this list will be used to -identify settings common to an instance of a jail, -and should contain alphanumeric characters only. -The literal jail name of -.Dq Li 0 -.Pq zero -is not allowed. +instances defined in the configuration file are started. +The names specified in this list control the jail startup order. +.Xr jail 8 +instances missing from +.Va jail_list +must be started manually. +.It Va jail_reverse_stop +.Pq Vt bool +When set to +.Dq Li YES , +all configured jails in +.Va jail_list +are stopped in reverse order. .It Va jail_* variables Note that older releases supported per-jail configuration via .Xr rc.conf 5 ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298835 - in stable/10: sys/kern usr.sbin/jail
Author: jamie Date: Sat Apr 30 04:02:32 2016 New Revision: 298835 URL: https://svnweb.freebsd.org/changeset/base/298835 Log: MFC r298584: Note the existence of module-specific jail paramters, starting with the linux.* parameters when linux emulation is loaded. MFC r298585: Encapsulate SYSV IPC objects in jails. Define per-module parameters sysvmsg, sysvsem, and sysvshm, with the following bahavior: inherit: allow full access to the IPC primitives. This is the same as the current setup with allow.sysvipc is on. Jails and the base system can see (and moduly) each other's objects, which is generally considered a bad thing (though may be useful in some circumstances). disable: all no access, same as the current setup with allow.sysvipc off. new: A jail may see use the IPC objects that it has created. It also gets its own IPC key namespace, so different jails may have their own objects using the same key value. The parent jail (or base system) can see the jail's IPC objects, but not its keys. PR: 48471 Modified: stable/10/sys/kern/sysv_msg.c stable/10/sys/kern/sysv_sem.c stable/10/sys/kern/sysv_shm.c stable/10/usr.sbin/jail/jail.8 Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/sysv_msg.c == --- stable/10/sys/kern/sysv_msg.c Sat Apr 30 04:01:22 2016 (r298834) +++ stable/10/sys/kern/sysv_msg.c Sat Apr 30 04:02:32 2016 (r298835) @@ -62,8 +62,10 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include +#include #include #include #include @@ -80,6 +82,14 @@ static MALLOC_DEFINE(M_MSG, "msg", "SVID static int msginit(void); static int msgunload(void); static int sysvmsg_modload(struct module *, int, void *); +static void msq_remove(struct msqid_kernel *); +static struct prison *msg_find_prison(struct ucred *); +static int msq_prison_cansee(struct prison *, struct msqid_kernel *); +static int msg_prison_check(void *, void *); +static int msg_prison_set(void *, void *); +static int msg_prison_get(void *, void *); +static int msg_prison_remove(void *, void *); +static void msg_prison_cleanup(struct prison *); #ifdef MSG_DEBUG @@ -155,6 +165,7 @@ static struct msgmap *msgmaps; /* MSGSEG static struct msg *msghdrs;/* MSGTQL msg headers */ static struct msqid_kernel *msqids;/* MSGMNI msqid_kernel struct's */ static struct mtx msq_mtx; /* global mutex for message queues. */ +static unsigned msg_prison_slot;/* prison OSD slot */ static struct syscall_helper_data msg_syscalls[] = { SYSCALL_INIT_HELPER(msgctl), @@ -194,7 +205,15 @@ static struct syscall_helper_data msg32_ static int msginit() { + struct prison *pr; + void *rsv; int i, error; + osd_method_t methods[PR_MAXMETHOD] = { + [PR_METHOD_CHECK] = msg_prison_check, + [PR_METHOD_SET] = msg_prison_set, + [PR_METHOD_GET] = msg_prison_get, + [PR_METHOD_REMOVE] =msg_prison_remove, + }; TUNABLE_INT_FETCH("kern.ipc.msgseg", ); TUNABLE_INT_FETCH("kern.ipc.msgssz", ); @@ -258,6 +277,29 @@ msginit() } mtx_init(_mtx, "msq", NULL, MTX_DEF); + /* Set current prisons according to their allow.sysvipc. */ + msg_prison_slot = osd_jail_register(NULL, methods); + rsv = osd_reserve(msg_prison_slot); + prison_lock(); + (void)osd_jail_set_reserved(, msg_prison_slot, rsv, ); + prison_unlock(); + rsv = NULL; + sx_slock(_lock); + TAILQ_FOREACH(pr, , pr_list) { + if (rsv == NULL) + rsv = osd_reserve(msg_prison_slot); + prison_lock(pr); + if ((pr->pr_allow & PR_ALLOW_SYSVIPC) && pr->pr_ref > 0) { + (void)osd_jail_set_reserved(pr, msg_prison_slot, rsv, + ); + rsv = NULL; + } + prison_unlock(pr); + } + if (rsv != NULL) + osd_free_reserved(rsv); + sx_sunlock(_lock); + error = syscall_helper_register(msg_syscalls); if (error != 0) return (error); @@ -298,6 +340,8 @@ msgunload() if (msqid != msginfo.msgmni) return (EBUSY); + if (msg_prison_slot != 0) + osd_jail_deregister(msg_prison_slot); #ifdef MAC for (i = 0; i < msginfo.msgtql; i++) mac_sysvmsg_destroy([i]); @@ -372,6 +416,67 @@ msg_freehdr(msghdr) #endif } +static void +msq_remove(struct msqid_kernel *msqkptr) +{ + struct msg *msghdr; + + racct_sub_cred(msqkptr->cred, RACCT_NMSGQ, 1); + racct_sub_cred(msqkptr->cred, RACCT_MSGQQUEUED, msqkptr->u.msg_qnum); + racct_sub_cred(msqkptr->cred, RACCT_MSGQSIZE,
svn commit: r298834 - in stable/10: share/man/man9 sys/kern sys/sys
Author: jamie Date: Sat Apr 30 04:01:22 2016 New Revision: 298834 URL: https://svnweb.freebsd.org/changeset/base/298834 Log: MFC r297367: Move the various per-type arrays of OSD data into a single structure array. MFC r297422: Add osd_reserve() and osd_set_reserved(), which allow M_WAITOK allocation of an OSD array. Modified: stable/10/share/man/man9/osd.9 stable/10/sys/kern/kern_osd.c stable/10/sys/sys/osd.h Directory Properties: stable/10/ (props changed) Modified: stable/10/share/man/man9/osd.9 == --- stable/10/share/man/man9/osd.9 Sat Apr 30 03:19:07 2016 (r298833) +++ stable/10/share/man/man9/osd.9 Sat Apr 30 04:01:22 2016 (r298834) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 5, 2011 +.Dd March 30, 2016 .Dt OSD 9 .Os .Sh NAME @@ -33,6 +33,9 @@ .Nm osd_register , .Nm osd_deregister , .Nm osd_set , +.Nm osd_reserve , +.Nm osd_set_reserved , +.Nm osd_free_reserved , .Nm osd_get , .Nm osd_del , .Nm osd_call , @@ -63,6 +66,22 @@ .Fa "void *value" .Fc .Ft void * +.Fo osd_reserve +.Fa "u_int slot" +.Fc +.Ft int +.Fo osd_set_reserved +.Fa "u_int type" +.Fa "struct osd *osd" +.Fa "u_int slot" +.Fa "void *rsv" +.Fa "void *value" +.Fc +.Ft void +.Fo osd_free_reserved +.Fa "void *rsv" +.Fc +.Ft void * .Fo osd_get .Fa "u_int type" .Fa "struct osd *osd" @@ -198,6 +217,15 @@ argument points to a data object to asso .Fa osd . .Pp The +.Fn osd_set_reserved +function does the same as +.Fn osd_set , +but with an extra argument +.Fa rsv +that is internal-use memory previously allocated via +.Fn osd_reserve . +.Pp +The .Fn osd_get function returns the data pointer associated with a kernel data structure's .Vt struct osd @@ -324,6 +352,24 @@ will proceed without any .Xr realloc 9 calls. .Pp +It is possible for +.Fn osd_set +to fail to allocate this array. To ensure that such allocation succeeds, +.Fn osd_reserve +may be called (in a non-blocking context), and it will pre-allocate the +memory via +.Xr malloc 9 +with M_WAITOK. +Then this pre-allocated memory is passed to +.Fn osd_set_reserved , +which will use it if necessary or otherwise discard it. +The memory may also be explicitly discarded by calling +.Fn osd_free_reserved . +As this method always allocates memory whether or not it is ultimately needed, +it should be used only rarely, such as in the unlikely event that +.Fn osd_set +fails. +.Pp The .Nm API is geared towards slot identifiers storing pointers to the same underlying @@ -359,15 +405,27 @@ the kernel including most fast paths. returns the slot identifier for the newly registered data type. .Pp .Fn osd_set -returns zero on success or ENOMEM if the specified type/slot identifier pair +and +.Fn osd_set_reserved +return zero on success or ENOMEM if the specified type/slot identifier pair triggered an internal .Xr realloc 9 -which failed. +which failed +.Fn ( osd_set_reserved +will always succeed when +.Fa rsv +is non-NULL). .Pp .Fn osd_get returns the data pointer for the specified type/slot identifier pair, or NULL if the slot has not been initialised yet. .Pp +.Fn osd_reserve +returns a pointer suitable for passing to +.Fn osd_set_reserved +or +.Fn osd_free_reserved . +.Pp .Fn osd_call returns zero if no method is run or the method for each slot runs successfully. If a method for a slot returns non-zero, Modified: stable/10/sys/kern/kern_osd.c == --- stable/10/sys/kern/kern_osd.c Sat Apr 30 03:19:07 2016 (r298833) +++ stable/10/sys/kern/kern_osd.c Sat Apr 30 04:01:22 2016 (r298834) @@ -44,6 +44,23 @@ __FBSDID("$FreeBSD$"); /* OSD (Object Specific Data) */ +/* + * Lock key: + * (m) osd_module_lock + * (o) osd_object_lock + * (l) osd_list_lock + */ +struct osd_master { + struct sxosd_module_lock; + struct rmlockosd_object_lock; + struct mtx osd_list_lock; + LIST_HEAD(, osd) osd_list; /* (l) */ + osd_destructor_t*osd_destructors; /* (o) */ + osd_method_t*osd_methods; /* (m) */ + u_intosd_ntslots; /* (m) */ + const u_int osd_nmethods; +}; + static MALLOC_DEFINE(M_OSD, "osd", "Object Specific Data"); static int osd_debug = 0; @@ -62,25 +79,12 @@ static void do_osd_del(u_int type, struc int list_locked); /* - * Lists of objects with OSD. - * - * Lock key: - * (m) osd_module_lock - * (o) osd_object_lock - * (l) osd_list_lock + * List of objects with OSD. */ -static LIST_HEAD(, osd)osd_list[OSD_LAST + 1]; /* (m) */ -static osd_method_t *osd_methods[OSD_LAST + 1];/* (m) */ -static u_int osd_nslots[OSD_LAST + 1]; /* (m) */ -static osd_destructor_t
svn commit: r298833 - in stable/10/sys: kern sys
Author: jamie Date: Sat Apr 30 03:19:07 2016 New Revision: 298833 URL: https://svnweb.freebsd.org/changeset/base/298833 Log: MFC r298565: Add a new jail OSD method, PR_METHOD_REMOVE. It's called when a jail is removed from the user perspective, i.e. when the last pr_uref goes away, even though the jail mail still exist in the dying state. It will also be called if either PR_METHOD_CREATE or PR_METHOD_SET fail. MFC r298683: Delay removing the last jail reference in prison_proc_free, and instead put it off into the pr_task. This is similar to prison_free, and in fact uses the same task even though they do something slightly different. MFC r298566: Pass the current/new jail to PR_METHOD_CHECK, which pushes the call until after the jail is found or created. This requires unlocking the jail for the call and re-locking it afterward, but that works because nothing in the jail has been changed yet, and other processes won't change the important fields as long as allprison_lock remains held. Keep better track of name vs namelc in kern_jail_set. Name should always be the hierarchical name (relative to the caller), and namelc the last component. MFC r298668: Use crcopysafe in jail_attach. PR: 48471 Modified: stable/10/sys/kern/kern_jail.c stable/10/sys/sys/jail.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Sat Apr 30 03:05:36 2016 (r298832) +++ stable/10/sys/kern/kern_jail.c Sat Apr 30 03:19:07 2016 (r298833) @@ -560,8 +560,9 @@ kern_jail_set(struct thread *td, struct void *op; #endif unsigned long hid; - size_t namelen, onamelen; - int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos; + size_t namelen, onamelen, pnamelen; + int born, created, cuflags, descend, enforce; + int error, errmsg_len, errmsg_pos; int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel; int fi, jid, jsys, len, level; int childmax, osreldt, rsnum, slevel; @@ -584,7 +585,7 @@ kern_jail_set(struct thread *td, struct error = priv_check(td, PRIV_JAIL_ATTACH); if (error) return (error); - mypr = ppr = td->td_ucred->cr_prison; + mypr = td->td_ucred->cr_prison; if ((flags & JAIL_CREATE) && mypr->pr_childmax == 0) return (EPERM); if (flags & ~JAIL_SET_MASK) @@ -611,6 +612,13 @@ kern_jail_set(struct thread *td, struct #endif g_path = NULL; + cuflags = flags & (JAIL_CREATE | JAIL_UPDATE); + if (!cuflags) { + error = EINVAL; + vfs_opterror(opts, "no valid operation (create or update)"); + goto done_errmsg; + } + error = vfs_copyopt(opts, "jid", , sizeof(jid)); if (error == ENOENT) jid = 0; @@ -1020,42 +1028,18 @@ kern_jail_set(struct thread *td, struct } /* -* Grab the allprison lock before letting modules check their -* parameters. Once we have it, do not let go so we'll have a -* consistent view of the OSD list. -*/ - sx_xlock(_lock); - error = osd_jail_call(NULL, PR_METHOD_CHECK, opts); - if (error) - goto done_unlock_list; - - /* By now, all parameters should have been noted. */ - TAILQ_FOREACH(opt, opts, link) { - if (!opt->seen && strcmp(opt->name, "errmsg")) { - error = EINVAL; - vfs_opterror(opts, "unknown parameter: %s", opt->name); - goto done_unlock_list; - } - } - - /* -* See if we are creating a new record or updating an existing one. +* Find the specified jail, or at least its parent. * This abuses the file error codes ENOENT and EEXIST. */ - cuflags = flags & (JAIL_CREATE | JAIL_UPDATE); - if (!cuflags) { - error = EINVAL; - vfs_opterror(opts, "no valid operation (create or update)"); - goto done_unlock_list; - } pr = NULL; - namelc = NULL; + ppr = mypr; if (cuflags == JAIL_CREATE && jid == 0 && name != NULL) { namelc = strrchr(name, '.'); jid = strtoul(namelc != NULL ? namelc + 1 : name, , 10); if (*p != '\0') jid = 0; } + sx_xlock(_lock); if (jid != 0) { /* * See if a requested jid already exists. There is an @@ -1121,6 +1105,7 @@ kern_jail_set(struct thread *td, struct * and updates keyed by the name itself (where the name must exist * because that is the jail being updated). */ +
svn commit: r298832 - in stable/10/sys: kern sys
Author: jamie Date: Sat Apr 30 03:05:36 2016 New Revision: 298832 URL: https://svnweb.freebsd.org/changeset/base/298832 Log: MFC r298564: Remove the PR_REMOVE flag, which was meant as a temporary marker for a jail that might be seen mid-removal. It hasn't been doing the right thing since at least the ability to resurrect dying jails, and such resurrection also makes it unnecessary. Modified: stable/10/sys/kern/kern_jail.c stable/10/sys/sys/jail.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/kern_jail.c == --- stable/10/sys/kern/kern_jail.c Sat Apr 30 02:47:41 2016 (r298831) +++ stable/10/sys/kern/kern_jail.c Sat Apr 30 03:05:36 2016 (r298832) @@ -1234,7 +1234,7 @@ kern_jail_set(struct thread *td, struct } created = 1; mtx_lock(>pr_mtx); - if (ppr->pr_ref == 0 || (ppr->pr_flags & PR_REMOVE)) { + if (ppr->pr_ref == 0) { mtx_unlock(>pr_mtx); error = ENOENT; vfs_opterror(opts, "parent jail went away!"); @@ -2290,7 +2290,6 @@ sys_jail_remove(struct thread *td, struc /* Remove all descendants of this prison, then remove this prison. */ pr->pr_ref++; - pr->pr_flags |= PR_REMOVE; if (!LIST_EMPTY(>pr_children)) { mtx_unlock(>pr_mtx); lpr = NULL; @@ -2299,7 +2298,6 @@ sys_jail_remove(struct thread *td, struc if (cpr->pr_ref > 0) { tpr = cpr; cpr->pr_ref++; - cpr->pr_flags |= PR_REMOVE; } else { /* Already removed - do not do it again. */ tpr = NULL; Modified: stable/10/sys/sys/jail.h == --- stable/10/sys/sys/jail.hSat Apr 30 02:47:41 2016(r298831) +++ stable/10/sys/sys/jail.hSat Apr 30 03:05:36 2016(r298832) @@ -212,7 +212,6 @@ struct prison_racct { /* primary jail address. */ /* Internal flag bits */ -#definePR_REMOVE 0x0100 /* In process of being removed */ #definePR_IP4 0x0200 /* IPv4 restricted or disabled */ /* by this jail or an ancestor */ #definePR_IP6 0x0400 /* IPv6 restricted or disabled */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298729 - stable/10/usr.sbin/jail
Author: jamie Date: Thu Apr 28 01:40:47 2016 New Revision: 298729 URL: https://svnweb.freebsd.org/changeset/base/298729 Log: MFC r298562: Make jail(8) interpret escape codes in fstab the same as getfsent(3). PR: 208663 Modified: stable/10/usr.sbin/jail/command.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/command.c == --- stable/10/usr.sbin/jail/command.c Thu Apr 28 01:31:07 2016 (r298728) +++ stable/10/usr.sbin/jail/command.c Thu Apr 28 01:40:47 2016 (r298729) @@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include "jailp.h" @@ -445,8 +446,14 @@ run_command(struct cfjail *j) strcpy(comcs, comstring->s); argc = 0; for (cs = strtok(comcs, " \t\f\v\r\n"); cs && argc < 4; -cs = strtok(NULL, " \t\f\v\r\n")) +cs = strtok(NULL, " \t\f\v\r\n")) { + if (argc <= 1 && strunvis(cs, cs) < 0) { + jail_warnx(j, "%s: %s: fstab parse error", + j->intparams[comparam]->name, comstring->s); + return -1; + } argv[argc++] = cs; + } if (argc == 0) return 0; if (argc < 3) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298728 - stable/10/etc/rc.d
Author: jamie Date: Thu Apr 28 01:31:07 2016 New Revision: 298728 URL: https://svnweb.freebsd.org/changeset/base/298728 Log: MFC r298516: Don't remove the /var/run/jail_name.id file if a jail fails to start. This messes up ezjail (and possibly others), when attempting to start a jail that already exists. PR: 208806 Reviewed by: tj Modified: stable/10/etc/rc.d/jail Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/rc.d/jail == --- stable/10/etc/rc.d/jail Thu Apr 28 01:12:38 2016(r298727) +++ stable/10/etc/rc.d/jail Thu Apr 28 01:31:07 2016(r298728) @@ -471,7 +471,6 @@ jail_start() if _jid=$($jail_jls -j $_j jid); then echo "$_jid" > /var/run/jail_${_j}.id else - rm -f /var/run/jail_${_j}.id echo " cannot start jail " \ "\"${_hostname:-${_j}}\": " fi @@ -495,7 +494,6 @@ jail_start() _jid=$($jail_jls -j $_j jid) echo $_jid > /var/run/jail_${_j}.id else - rm -f /var/run/jail_${_j}.id echo " cannot start jail " \ "\"${_hostname:-${_j}}\": " cat $_tmp ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298683 - in head/sys: kern sys
Author: jamie Date: Wed Apr 27 02:25:21 2016 New Revision: 298683 URL: https://svnweb.freebsd.org/changeset/base/298683 Log: Delay revmoing the last jail reference in prison_proc_free, and instead put it off into the pr_task. This is similar to prison_free, and in fact uses the same task even though they do something slightly different. This resolves a LOR between the process lock and allprison_lock, which came about in r298565. PR: 48471 Modified: head/sys/kern/kern_jail.c head/sys/sys/jail.h Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Wed Apr 27 02:13:57 2016(r298682) +++ head/sys/kern/kern_jail.c Wed Apr 27 02:25:21 2016(r298683) @@ -1328,6 +1328,7 @@ kern_jail_set(struct thread *td, struct LIST_INIT(>pr_children); mtx_init(>pr_mtx, "jail mutex", NULL, MTX_DEF | MTX_DUPOK); + TASK_INIT(>pr_task, 0, prison_complete, pr); #ifdef VIMAGE /* Allocate a new vnet if specified. */ @@ -2575,16 +2576,13 @@ prison_allow(struct ucred *cred, unsigne void prison_free_locked(struct prison *pr) { + int ref; mtx_assert(>pr_mtx, MA_OWNED); - pr->pr_ref--; - if (pr->pr_ref == 0) { - mtx_unlock(>pr_mtx); - TASK_INIT(>pr_task, 0, prison_complete, pr); - taskqueue_enqueue(taskqueue_thread, >pr_task); - return; - } + ref = --pr->pr_ref; mtx_unlock(>pr_mtx); + if (ref == 0) + taskqueue_enqueue(taskqueue_thread, >pr_task); } void @@ -2595,11 +2593,17 @@ prison_free(struct prison *pr) prison_free_locked(pr); } +/* + * Complete a call to either prison_free or prison_proc_free. + */ static void prison_complete(void *context, int pending) { + struct prison *pr = context; - prison_deref((struct prison *)context, 0); + mtx_lock(>pr_mtx); + prison_deref(pr, pr->pr_uref + ? PD_DEREF | PD_DEUREF | PD_LOCKED : PD_LOCKED); } /* @@ -2618,6 +2622,9 @@ prison_deref(struct prison *pr, int flag mtx_lock(>pr_mtx); for (;;) { if (flags & PD_DEUREF) { + KASSERT(pr->pr_uref > 0, + ("prison_deref PD_DEUREF on a dead prison (jid=%d)", +pr->pr_id)); pr->pr_uref--; lasturef = pr->pr_uref == 0; if (lasturef) @@ -2625,8 +2632,12 @@ prison_deref(struct prison *pr, int flag KASSERT(prison0.pr_uref != 0, ("prison0 pr_uref=0")); } else lasturef = 0; - if (flags & PD_DEREF) + if (flags & PD_DEREF) { + KASSERT(pr->pr_ref > 0, + ("prison_deref PD_DEREF on a dead prison (jid=%d)", +pr->pr_id)); pr->pr_ref--; + } ref = pr->pr_ref; mtx_unlock(>pr_mtx); @@ -2740,7 +2751,20 @@ prison_proc_free(struct prison *pr) mtx_lock(>pr_mtx); KASSERT(pr->pr_uref > 0, ("Trying to kill a process in a dead prison (jid=%d)", pr->pr_id)); - prison_deref(pr, PD_DEUREF | PD_LOCKED); + if (pr->pr_uref > 1) + pr->pr_uref--; + else { + /* +* Don't remove the last user reference in this context, which +* is expected to be a process that is not only locked, but +* also half dead. +*/ + pr->pr_ref++; + mtx_unlock(>pr_mtx); + taskqueue_enqueue(taskqueue_thread, >pr_task); + return; + } + mtx_unlock(>pr_mtx); } Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Wed Apr 27 02:13:57 2016(r298682) +++ head/sys/sys/jail.h Wed Apr 27 02:25:21 2016(r298683) @@ -149,7 +149,6 @@ struct prison_racct; * (p) locked by pr_mtx * (c) set only during creation before the structure is shared, no mutex * required to read - * (d) set only during destruction of jail, no mutex needed */ struct prison { TAILQ_ENTRY(prison) pr_list;/* (a) all prisons */ @@ -161,7 +160,7 @@ struct prison { LIST_ENTRY(prison) pr_sibling; /* (a) next in parent's list */ struct prison *pr_parent; /* (c) containing jail */ struct mtx pr_mtx; - struct task pr_task; /* (d) destroy task */ + struct task pr_task; /* (c) destroy task */ struct osd pr_osd;/* (p) additional data */
svn commit: r298668 - head/sys/kern
Author: jamie Date: Tue Apr 26 21:19:12 2016 New Revision: 298668 URL: https://svnweb.freebsd.org/changeset/base/298668 Log: Use crcopysafe in jail_attach. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Tue Apr 26 21:11:52 2016(r298667) +++ head/sys/kern/kern_jail.c Tue Apr 26 21:19:12 2016(r298668) @@ -2405,7 +2405,6 @@ sys_jail_attach(struct thread *td, struc static int do_jail_attach(struct thread *td, struct prison *pr) { - struct prison *ppr; struct proc *p; struct ucred *newcred, *oldcred; int error; @@ -2433,7 +2432,6 @@ do_jail_attach(struct thread *td, struct /* * Reparent the newly attached process to this jail. */ - ppr = td->td_ucred->cr_prison; p = td->td_proc; error = cpuset_setproc_update_set(p, pr->pr_cpuset); if (error) @@ -2452,23 +2450,23 @@ do_jail_attach(struct thread *td, struct newcred = crget(); PROC_LOCK(p); - oldcred = p->p_ucred; - setsugid(p); - crcopy(newcred, oldcred); + oldcred = crcopysafe(p, newcred); newcred->cr_prison = pr; proc_set_cred(p, newcred); + setsugid(p); PROC_UNLOCK(p); #ifdef RACCT racct_proc_ucred_changed(p, oldcred, newcred); #endif + prison_deref(oldcred->cr_prison, PD_DEREF | PD_DEUREF); crfree(oldcred); - prison_deref(ppr, PD_DEREF | PD_DEUREF); return (0); + e_unlock: VOP_UNLOCK(pr->pr_root, 0); e_revert_osd: /* Tell modules this thread is still in its old jail after all. */ - (void)osd_jail_call(ppr, PR_METHOD_ATTACH, td); + (void)osd_jail_call(td->td_ucred->cr_prison, PR_METHOD_ATTACH, td); prison_deref(pr, PD_DEREF | PD_DEUREF); return (error); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298656 - head/sys/kern
Author: jamie Date: Tue Apr 26 18:17:44 2016 New Revision: 298656 URL: https://svnweb.freebsd.org/changeset/base/298656 Log: Redo the changes to the SYSV IPC sysctl functions from r298585, so they don't (mis)use sbufs. PR: 48471 Modified: head/sys/kern/sysv_msg.c head/sys/kern/sysv_sem.c head/sys/kern/sysv_shm.c Modified: head/sys/kern/sysv_msg.c == --- head/sys/kern/sysv_msg.cTue Apr 26 18:11:45 2016(r298655) +++ head/sys/kern/sysv_msg.cTue Apr 26 18:17:44 2016(r298656) @@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include @@ -1423,38 +1422,28 @@ sys_msgrcv(td, uap) static int sysctl_msqids(SYSCTL_HANDLER_ARGS) { - struct sbuf sb; - struct msqid_kernel tmp, empty; - struct msqid_kernel *msqkptr; - struct prison *rpr; + struct msqid_kernel tmsqk; + struct prison *pr, *rpr; int error, i; - error = sysctl_wire_old_buffer(req, 0); - if (error != 0) - goto done; + pr = req->td->td_ucred->cr_prison; rpr = msg_find_prison(req->td->td_ucred); - sbuf_new_for_sysctl(, NULL, sizeof(struct msqid_kernel) * - msginfo.msgmni, req); - - bzero(, sizeof(empty)); + error = 0; for (i = 0; i < msginfo.msgmni; i++) { - msqkptr = [i]; - if (msqkptr->u.msg_qbytes == 0 || rpr == NULL || - msq_prison_cansee(rpr, msqkptr) != 0) { - msqkptr = - } else if (req->td->td_ucred->cr_prison != - msqkptr->cred->cr_prison) { - bcopy(msqkptr, , sizeof(tmp)); - msqkptr = - msqkptr->u.msg_perm.key = IPC_PRIVATE; + mtx_lock(_mtx); + if (msqids[i].u.msg_qbytes == 0 || rpr == NULL || + msq_prison_cansee(rpr, [i]) != 0) + bzero(, sizeof(tmsqk)); + else { + tmsqk = msqids[i]; + if (tmsqk.cred->cr_prison != pr) + tmsqk.u.msg_perm.key = IPC_PRIVATE; } - - sbuf_bcat(, msqkptr, sizeof(*msqkptr)); + mtx_unlock(_mtx); + error = SYSCTL_OUT(req, , sizeof(tmsqk)); + if (error != 0) + break; } - error = sbuf_finish(); - sbuf_delete(); - -done: return (error); } @@ -1470,7 +1459,8 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, msgssz, "Size of a message segment"); SYSCTL_INT(_kern_ipc, OID_AUTO, msgseg, CTLFLAG_RDTUN, , 0, "Number of message segments"); -SYSCTL_PROC(_kern_ipc, OID_AUTO, msqids, CTLTYPE_OPAQUE | CTLFLAG_RD, +SYSCTL_PROC(_kern_ipc, OID_AUTO, msqids, +CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, sysctl_msqids, "", "Message queue IDs"); static int Modified: head/sys/kern/sysv_sem.c == --- head/sys/kern/sysv_sem.cTue Apr 26 18:11:45 2016(r298655) +++ head/sys/kern/sysv_sem.cTue Apr 26 18:17:44 2016(r298656) @@ -52,7 +52,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include @@ -220,7 +219,8 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, semvmx, "Semaphore maximum value"); SYSCTL_INT(_kern_ipc, OID_AUTO, semaem, CTLFLAG_RWTUN, , 0, "Adjust on exit max value"); -SYSCTL_PROC(_kern_ipc, OID_AUTO, sema, CTLTYPE_OPAQUE | CTLFLAG_RD, +SYSCTL_PROC(_kern_ipc, OID_AUTO, sema, +CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, sysctl_sema, "", "Semaphore id pool"); static struct syscall_helper_data sem_syscalls[] = { @@ -1465,38 +1465,28 @@ semexit_myhook(void *arg, struct proc *p static int sysctl_sema(SYSCTL_HANDLER_ARGS) { - struct prison *rpr; - struct sbuf sb; - struct semid_kernel tmp, empty; - struct semid_kernel *semakptr; + struct prison *pr, *rpr; + struct semid_kernel tsemak; int error, i; - error = sysctl_wire_old_buffer(req, 0); - if (error != 0) - goto done; + pr = req->td->td_ucred->cr_prison; rpr = sem_find_prison(req->td->td_ucred); - sbuf_new_for_sysctl(, NULL, sizeof(struct semid_kernel) * - seminfo.semmni, req); - - bzero(, sizeof(empty)); + error = 0; for (i = 0; i < seminfo.semmni; i++) { - semakptr = [i]; - if ((semakptr->u.sem_perm.mode & SEM_ALLOC) == 0 || - rpr == NULL || sem_prison_cansee(rpr, semakptr) != 0) { - semakptr = - } else if (req->td->td_ucred->cr_prison != - semakptr->cred->cr_prison) { - bcopy(semakptr, , sizeof(tmp)); -
svn commit: r298597 - head/sys/kern
Author: jamie Date: Mon Apr 25 22:30:10 2016 New Revision: 298597 URL: https://svnweb.freebsd.org/changeset/base/298597 Log: Fix the logic in r298585: shm_prison_cansee returns an errno, so is the opposite of a boolean. PR: 48471 Modified: head/sys/kern/sysv_shm.c Modified: head/sys/kern/sysv_shm.c == --- head/sys/kern/sysv_shm.cMon Apr 25 22:25:57 2016(r298596) +++ head/sys/kern/sysv_shm.cMon Apr 25 22:30:10 2016(r298597) @@ -230,7 +230,7 @@ shm_find_segment(struct prison *rpr, int (!shm_allow_removed && (shmseg->u.shm_perm.mode & SHMSEG_REMOVED) != 0) || (is_shmid && shmseg->u.shm_perm.seq != IPCID_TO_SEQ(arg)) || - !shm_prison_cansee(rpr, shmseg)) + shm_prison_cansee(rpr, shmseg) != 0) return (NULL); return (shmseg); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298585 - in head: sys/kern usr.sbin/jail
Author: jamie Date: Mon Apr 25 17:06:50 2016 New Revision: 298585 URL: https://svnweb.freebsd.org/changeset/base/298585 Log: Encapsulate SYSV IPC objects in jails. Define per-module parameters sysvmsg, sysvsem, and sysvshm, with the following bahavior: inherit: allow full access to the IPC primitives. This is the same as the current setup with allow.sysvipc is on. Jails and the base system can see (and moduly) each other's objects, which is generally considered a bad thing (though may be useful in some circumstances). disable: all no access, same as the current setup with allow.sysvipc off. new: A jail may see use the IPC objects that it has created. It also gets its own IPC key namespace, so different jails may have their own objects using the same key value. The parent jail (or base system) can see the jail's IPC objects, but not its keys. PR: 48471 Submitted by: based on work by kikucha...@gmail.com MFC after:5 days Modified: head/sys/kern/sysv_msg.c head/sys/kern/sysv_sem.c head/sys/kern/sysv_shm.c head/usr.sbin/jail/jail.8 Modified: head/sys/kern/sysv_msg.c == --- head/sys/kern/sysv_msg.cMon Apr 25 17:01:13 2016(r298584) +++ head/sys/kern/sysv_msg.cMon Apr 25 17:06:50 2016(r298585) @@ -62,8 +62,11 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include +#include +#include #include #include #include @@ -80,6 +83,14 @@ static MALLOC_DEFINE(M_MSG, "msg", "SVID static int msginit(void); static int msgunload(void); static int sysvmsg_modload(struct module *, int, void *); +static void msq_remove(struct msqid_kernel *); +static struct prison *msg_find_prison(struct ucred *); +static int msq_prison_cansee(struct prison *, struct msqid_kernel *); +static int msg_prison_check(void *, void *); +static int msg_prison_set(void *, void *); +static int msg_prison_get(void *, void *); +static int msg_prison_remove(void *, void *); +static void msg_prison_cleanup(struct prison *); #ifdef MSG_DEBUG @@ -155,6 +166,7 @@ static struct msgmap *msgmaps; /* MSGSEG static struct msg *msghdrs;/* MSGTQL msg headers */ static struct msqid_kernel *msqids;/* MSGMNI msqid_kernel struct's */ static struct mtx msq_mtx; /* global mutex for message queues. */ +static unsigned msg_prison_slot;/* prison OSD slot */ static struct syscall_helper_data msg_syscalls[] = { SYSCALL_INIT_HELPER(msgctl), @@ -194,7 +206,15 @@ static struct syscall_helper_data msg32_ static int msginit() { + struct prison *pr; + void *rsv; int i, error; + osd_method_t methods[PR_MAXMETHOD] = { + [PR_METHOD_CHECK] = msg_prison_check, + [PR_METHOD_SET] = msg_prison_set, + [PR_METHOD_GET] = msg_prison_get, + [PR_METHOD_REMOVE] =msg_prison_remove, + }; msginfo.msgmax = msginfo.msgseg * msginfo.msgssz; msgpool = malloc(msginfo.msgmax, M_MSG, M_WAITOK); @@ -252,6 +272,29 @@ msginit() } mtx_init(_mtx, "msq", NULL, MTX_DEF); + /* Set current prisons according to their allow.sysvipc. */ + msg_prison_slot = osd_jail_register(NULL, methods); + rsv = osd_reserve(msg_prison_slot); + prison_lock(); + (void)osd_jail_set_reserved(, msg_prison_slot, rsv, ); + prison_unlock(); + rsv = NULL; + sx_slock(_lock); + TAILQ_FOREACH(pr, , pr_list) { + if (rsv == NULL) + rsv = osd_reserve(msg_prison_slot); + prison_lock(pr); + if ((pr->pr_allow & PR_ALLOW_SYSVIPC) && pr->pr_ref > 0) { + (void)osd_jail_set_reserved(pr, msg_prison_slot, rsv, + ); + rsv = NULL; + } + prison_unlock(pr); + } + if (rsv != NULL) + osd_free_reserved(rsv); + sx_sunlock(_lock); + error = syscall_helper_register(msg_syscalls, SY_THR_STATIC_KLD); if (error != 0) return (error); @@ -292,6 +335,8 @@ msgunload() if (msqid != msginfo.msgmni) return (EBUSY); + if (msg_prison_slot != 0) + osd_jail_deregister(msg_prison_slot); #ifdef MAC for (i = 0; i < msginfo.msgtql; i++) mac_sysvmsg_destroy([i]); @@ -366,6 +411,67 @@ msg_freehdr(msghdr) #endif } +static void +msq_remove(struct msqid_kernel *msqkptr) +{ + struct msg *msghdr; + + racct_sub_cred(msqkptr->cred, RACCT_NMSGQ, 1); + racct_sub_cred(msqkptr->cred, RACCT_MSGQQUEUED, msqkptr->u.msg_qnum); + racct_sub_cred(msqkptr->cred, RACCT_MSGQSIZE, msqkptr->u.msg_cbytes); + crfree(msqkptr->cred); + msqkptr->cred = NULL; + + /* Free the message headers */ + msghdr = msqkptr->u.msg_first; +
svn commit: r298584 - head/usr.sbin/jail
Author: jamie Date: Mon Apr 25 17:01:13 2016 New Revision: 298584 URL: https://svnweb.freebsd.org/changeset/base/298584 Log: Note the existence of module-specific jail paramters, starting with the linux.* parameters when linux emulation is loaded. MFC after:5 days Modified: head/usr.sbin/jail/jail.8 Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Mon Apr 25 16:53:13 2016(r298583) +++ head/usr.sbin/jail/jail.8 Mon Apr 25 17:01:13 2016(r298584) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 20, 2015 +.Dd April 25, 2016 .Dt JAIL 8 .Os .Sh NAME @@ -610,6 +610,32 @@ have not had jail functionality added to .El .El .Pp +Kernel modules may add their own parameters, which only exist when the +module is loaded. +These are typically headed under a parameter named after the module, +with values of +.Dq inherit +to give the jail full use of the module, +.Dq new +to encapsulate the jail in some module-specific way, +and +.Dq disable +to make the module unavailable to the jail. +There also may be other parameters to define jail behavior within the module. +Module-specific parameters include: +.Bl -tag -width indent +.It Va linux +Determine how a jail's Linux emulation environment appears. +A value of +.Dq inherit +will keep the same environment, and +.Dq new +will give the jail it's own environment (still originally inherited when +the jail is created). +.It Va linux.osname , linux.osrelease , linux.oss_version +The Linux OS name, OS release, and OSS version associated with this jail. +.El +.Pp There are pseudo-parameters that are not passed to the kernel, but are used by .Nm ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298573 - head/sys/compat/linux
Author: jamie Date: Mon Apr 25 06:08:45 2016 New Revision: 298573 URL: https://svnweb.freebsd.org/changeset/base/298573 Log: linux_map_osrel doesn't need to be checked in linux_prison_set, since it already was in linux_prison_check. Modified: head/sys/compat/linux/linux_mib.c Modified: head/sys/compat/linux/linux_mib.c == --- head/sys/compat/linux/linux_mib.c Mon Apr 25 05:58:32 2016 (r298572) +++ head/sys/compat/linux/linux_mib.c Mon Apr 25 06:08:45 2016 (r298573) @@ -153,7 +153,8 @@ linux_map_osrel(char *osrelease, int *os if (v < 100) return (EINVAL); - *osrel = v; + if (osrel != NULL) + *osrel = v; return (0); } @@ -249,7 +250,7 @@ linux_prison_check(void *obj __unused, v { struct vfsoptlist *opts = data; char *osname, *osrelease; - int error, jsys, len, osrel, oss_version; + int error, jsys, len, oss_version; /* Check that the parameters are correct. */ error = vfs_copyopt(opts, "linux", , sizeof(jsys)); @@ -280,7 +281,7 @@ linux_prison_check(void *obj __unused, v vfs_opterror(opts, "linux.osrelease too long"); return (ENAMETOOLONG); } - error = linux_map_osrel(osrelease, ); + error = linux_map_osrel(osrelease, NULL); if (error != 0) { vfs_opterror(opts, "linux.osrelease format error"); return (error); @@ -339,11 +340,7 @@ linux_prison_set(void *obj, void *data) */ linux_alloc_prison(pr, ); if (osrelease) { - error = linux_map_osrel(osrelease, >pr_osrel); - if (error) { - mtx_unlock(>pr_mtx); - return (error); - } + (void)linux_map_osrel(osrelease, >pr_osrel); strlcpy(lpr->pr_osrelease, osrelease, LINUX_MAX_UTSNAME); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298567 - head/sys/kern
Author: jamie Date: Mon Apr 25 04:36:54 2016 New Revision: 298567 URL: https://svnweb.freebsd.org/changeset/base/298567 Log: Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX message queues. Modified: head/sys/kern/uipc_mqueue.c Modified: head/sys/kern/uipc_mqueue.c == --- head/sys/kern/uipc_mqueue.c Mon Apr 25 04:27:58 2016(r298566) +++ head/sys/kern/uipc_mqueue.c Mon Apr 25 04:36:54 2016(r298567) @@ -154,11 +154,6 @@ struct mqfs_node { #defineFPTOMQ(fp) ((struct mqueue *)(((struct mqfs_node *) \ (fp)->f_data)->mn_data)) -struct mqfs_osd { - struct task mo_task; - const void *mo_pr_root; -}; - TAILQ_HEAD(msgq, mqueue_msg); struct mqueue; @@ -244,9 +239,7 @@ static int mqfs_destroy(struct mqfs_node static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn); static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn); static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct mqfs_node *pn); -static int mqfs_prison_create(void *obj, void *data); -static voidmqfs_prison_destructor(void *data); -static voidmqfs_prison_remove_task(void *context, int pending); +static int mqfs_prison_remove(void *obj, void *data); /* * Message queue construction and maniplation @@ -656,9 +649,8 @@ mqfs_init(struct vfsconf *vfc) { struct mqfs_node *root; struct mqfs_info *mi; - struct prison *pr; osd_method_t methods[PR_MAXMETHOD] = { - [PR_METHOD_CREATE] = mqfs_prison_create, + [PR_METHOD_REMOVE] = mqfs_prison_remove, }; mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node), @@ -686,13 +678,7 @@ mqfs_init(struct vfsconf *vfc) EVENTHANDLER_PRI_ANY); mq_fdclose = mqueue_fdclose; p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING); - - /* Note current jails. */ - mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods); - sx_slock(_lock); - TAILQ_FOREACH(pr, , pr_list) - (void)mqfs_prison_create(pr, NULL); - sx_sunlock(_lock); + mqfs_osd_jail_slot = osd_jail_register(NULL, methods); return (0); } @@ -702,14 +688,11 @@ mqfs_init(struct vfsconf *vfc) static int mqfs_uninit(struct vfsconf *vfc) { - unsigned slot; struct mqfs_info *mi; if (!unloadable) return (EOPNOTSUPP); - slot = mqfs_osd_jail_slot; - mqfs_osd_jail_slot = 0; - osd_jail_deregister(slot); + osd_jail_deregister(mqfs_osd_jail_slot); EVENTHANDLER_DEREGISTER(process_exit, exit_tag); mi = _data; mqfs_destroy(mi->mi_root); @@ -1563,64 +1546,22 @@ mqfs_rmdir(struct vop_rmdir_args *ap) #endif /* notyet */ - /* - * Set a destructor task with the prison's root + * See if this prison root is obsolete, and clean up associated queues if it is. */ static int -mqfs_prison_create(void *obj, void *data __unused) -{ - struct prison *pr = obj; - struct mqfs_osd *mo; - void *rsv; - - if (pr->pr_root == pr->pr_parent->pr_root) - return(0); - - mo = malloc(sizeof(struct mqfs_osd), M_PRISON, M_WAITOK); - rsv = osd_reserve(mqfs_osd_jail_slot); - TASK_INIT(>mo_task, 0, mqfs_prison_remove_task, mo); - mtx_lock(>pr_mtx); - mo->mo_pr_root = pr->pr_root; - (void)osd_jail_set_reserved(pr, mqfs_osd_jail_slot, rsv, mo); - mtx_unlock(>pr_mtx); - return (0); -} - -/* - * Queue the task for after jail/OSD locks are released - */ -static void -mqfs_prison_destructor(void *data) -{ - struct mqfs_osd *mo = data; - - if (mqfs_osd_jail_slot != 0) - taskqueue_enqueue(taskqueue_thread, >mo_task); - else - free(mo, M_PRISON); -} - -/* - * See if this prison root is obsolete, and clean up associated queues if it is - */ -static void -mqfs_prison_remove_task(void *context, int pending) +mqfs_prison_remove(void *obj, void *data __unused) { - struct mqfs_osd *mo = context; + const struct prison *pr = obj; + const struct prison *tpr; struct mqfs_node *pn, *tpn; - const struct prison *pr; - const void *pr_root; int found; - pr_root = mo->mo_pr_root; found = 0; - sx_slock(_lock); - TAILQ_FOREACH(pr, , pr_list) { - if (pr->pr_root == pr_root) + TAILQ_FOREACH(tpr, , pr_list) { + if (tpr->pr_root == pr->pr_root && tpr != pr && tpr->pr_ref > 0) found = 1; } - sx_sunlock(_lock); if (!found) { /* * No jails are rooted in this directory anymore, @@ -1629,15 +1570,14 @@ mqfs_prison_remove_task(void *context, i sx_xlock(_data.mi_lock);
svn commit: r298566 - head/sys/kern
Author: jamie Date: Mon Apr 25 04:27:58 2016 New Revision: 298566 URL: https://svnweb.freebsd.org/changeset/base/298566 Log: Pass the current/new jail to PR_METHOD_CHECK, which pushes the call until after the jail is found or created. This requires unlocking the jail for the call and re-locking it afterward, but that works because nothing in the jail has been changed yet, and other processes won't change the important fields as long as allprison_lock remains held. Keep better track of name vs namelc in kern_jail_set. Name should always be the hierarchical name (relative to the caller), and namelc the last component. PR: 48471 MFC after:5 days Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Mon Apr 25 04:24:00 2016(r298565) +++ head/sys/kern/kern_jail.c Mon Apr 25 04:27:58 2016(r298566) @@ -555,7 +555,7 @@ kern_jail_set(struct thread *td, struct void *op; #endif unsigned long hid; - size_t namelen, onamelen; + size_t namelen, onamelen, pnamelen; int born, created, cuflags, descend, enforce; int error, errmsg_len, errmsg_pos; int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel; @@ -580,7 +580,7 @@ kern_jail_set(struct thread *td, struct error = priv_check(td, PRIV_JAIL_ATTACH); if (error) return (error); - mypr = ppr = td->td_ucred->cr_prison; + mypr = td->td_ucred->cr_prison; if ((flags & JAIL_CREATE) && mypr->pr_childmax == 0) return (EPERM); if (flags & ~JAIL_SET_MASK) @@ -607,6 +607,13 @@ kern_jail_set(struct thread *td, struct #endif g_path = NULL; + cuflags = flags & (JAIL_CREATE | JAIL_UPDATE); + if (!cuflags) { + error = EINVAL; + vfs_opterror(opts, "no valid operation (create or update)"); + goto done_errmsg; + } + error = vfs_copyopt(opts, "jid", , sizeof(jid)); if (error == ENOENT) jid = 0; @@ -1009,42 +1016,18 @@ kern_jail_set(struct thread *td, struct } /* -* Grab the allprison lock before letting modules check their -* parameters. Once we have it, do not let go so we'll have a -* consistent view of the OSD list. -*/ - sx_xlock(_lock); - error = osd_jail_call(NULL, PR_METHOD_CHECK, opts); - if (error) - goto done_unlock_list; - - /* By now, all parameters should have been noted. */ - TAILQ_FOREACH(opt, opts, link) { - if (!opt->seen && strcmp(opt->name, "errmsg")) { - error = EINVAL; - vfs_opterror(opts, "unknown parameter: %s", opt->name); - goto done_unlock_list; - } - } - - /* -* See if we are creating a new record or updating an existing one. +* Find the specified jail, or at least its parent. * This abuses the file error codes ENOENT and EEXIST. */ - cuflags = flags & (JAIL_CREATE | JAIL_UPDATE); - if (!cuflags) { - error = EINVAL; - vfs_opterror(opts, "no valid operation (create or update)"); - goto done_unlock_list; - } pr = NULL; - namelc = NULL; + ppr = mypr; if (cuflags == JAIL_CREATE && jid == 0 && name != NULL) { namelc = strrchr(name, '.'); jid = strtoul(namelc != NULL ? namelc + 1 : name, , 10); if (*p != '\0') jid = 0; } + sx_xlock(_lock); if (jid != 0) { /* * See if a requested jid already exists. There is an @@ -1110,6 +1093,7 @@ kern_jail_set(struct thread *td, struct * and updates keyed by the name itself (where the name must exist * because that is the jail being updated). */ + namelc = NULL; if (name != NULL) { namelc = strrchr(name, '.'); if (namelc == NULL) @@ -1120,7 +1104,6 @@ kern_jail_set(struct thread *td, struct * parent and child names, and make sure the parent * exists or matches an already found jail. */ - *namelc = '\0'; if (pr != NULL) { if (strncmp(name, ppr->pr_name, namelc - name) || ppr->pr_name[namelc - name] != '\0') { @@ -1131,6 +1114,7 @@ kern_jail_set(struct thread *td, struct goto done_unlock_list; } } else { + *namelc = '\0'; ppr =
svn commit: r298565 - in head/sys: kern sys
Author: jamie Date: Mon Apr 25 04:24:00 2016 New Revision: 298565 URL: https://svnweb.freebsd.org/changeset/base/298565 Log: Add a new jail OSD method, PR_METHOD_REMOVE. It's called when a jail is removed from the user perspective, i.e. when the last pr_uref goes away, even though the jail mail still exist in the dying state. It will also be called if either PR_METHOD_CREATE or PR_METHOD_SET fail. PR: 48471 MFC after: 5 days Modified: head/sys/kern/kern_jail.c head/sys/sys/jail.h Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Mon Apr 25 03:58:08 2016(r298564) +++ head/sys/kern/kern_jail.c Mon Apr 25 04:24:00 2016(r298565) @@ -556,7 +556,8 @@ kern_jail_set(struct thread *td, struct #endif unsigned long hid; size_t namelen, onamelen; - int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos; + int born, created, cuflags, descend, enforce; + int error, errmsg_len, errmsg_pos; int gotchildmax, gotenforce, gothid, gotrsnum, gotslevel; int fi, jid, jsys, len, level; int childmax, osreldt, rsnum, slevel; @@ -1767,6 +1768,7 @@ kern_jail_set(struct thread *td, struct * for now, so new ones will remain unseen until after the module * handlers have completed. */ + born = pr->pr_uref == 0; if (!created && (ch_flags & PR_PERSIST & (pr_flags ^ pr->pr_flags))) { if (pr_flags & PR_PERSIST) { pr->pr_ref++; @@ -1836,15 +1838,20 @@ kern_jail_set(struct thread *td, struct /* Let the modules do their work. */ sx_downgrade(_lock); - if (created) { + if (born) { error = osd_jail_call(pr, PR_METHOD_CREATE, opts); if (error) { - prison_deref(pr, PD_LIST_SLOCKED); + (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL); + prison_deref(pr, created + ? PD_LIST_SLOCKED + : PD_DEREF | PD_LIST_SLOCKED); goto done_errmsg; } } error = osd_jail_call(pr, PR_METHOD_SET, opts); if (error) { + if (born) + (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL); prison_deref(pr, created ? PD_LIST_SLOCKED : PD_DEREF | PD_LIST_SLOCKED); @@ -1896,7 +1903,7 @@ kern_jail_set(struct thread *td, struct sx_sunlock(_lock); } - goto done_errmsg; + goto done_free; done_deref_locked: prison_deref(pr, created @@ -2596,19 +2603,46 @@ static void prison_deref(struct prison *pr, int flags) { struct prison *ppr, *tpr; + int ref, lasturef; if (!(flags & PD_LOCKED)) mtx_lock(>pr_mtx); for (;;) { if (flags & PD_DEUREF) { pr->pr_uref--; + lasturef = pr->pr_uref == 0; + if (lasturef) + pr->pr_ref++; KASSERT(prison0.pr_uref != 0, ("prison0 pr_uref=0")); - } + } else + lasturef = 0; if (flags & PD_DEREF) pr->pr_ref--; - /* If the prison still has references, nothing else to do. */ - if (pr->pr_ref > 0) { + ref = pr->pr_ref; + mtx_unlock(>pr_mtx); + + /* +* Tell the modules if the last user reference was removed +* (even it sticks around in dying state). +*/ + if (lasturef) { + if (!(flags & (PD_LIST_SLOCKED | PD_LIST_XLOCKED))) { + if (ref > 1) { + sx_slock(_lock); + flags |= PD_LIST_SLOCKED; + } else { + sx_xlock(_lock); + flags |= PD_LIST_XLOCKED; + } + } + (void)osd_jail_call(pr, PR_METHOD_REMOVE, NULL); + mtx_lock(>pr_mtx); + ref = --pr->pr_ref; mtx_unlock(>pr_mtx); + } + + /* If the prison still has references, nothing else to do. */ + if (ref > 0) { if (flags & PD_LIST_SLOCKED) sx_sunlock(_lock); else if (flags & PD_LIST_XLOCKED) @@ -2616,7 +2650,6 @@ prison_deref(struct prison *pr, int flag return; } - mtx_unlock(>pr_mtx);
svn commit: r298564 - in head/sys: kern sys
Author: jamie Date: Mon Apr 25 03:58:08 2016 New Revision: 298564 URL: https://svnweb.freebsd.org/changeset/base/298564 Log: Remove the PR_REMOVE flag, which was meant as a temporary marker for a jail that might be seen mid-removal. It hasn't been doing the right thing since at least the ability to resurrect dying jails, and such resurrection also makes it unnecessary. Modified: head/sys/kern/kern_jail.c head/sys/sys/jail.h Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Mon Apr 25 03:48:28 2016(r298563) +++ head/sys/kern/kern_jail.c Mon Apr 25 03:58:08 2016(r298564) @@ -1222,7 +1222,7 @@ kern_jail_set(struct thread *td, struct } created = 1; mtx_lock(>pr_mtx); - if (ppr->pr_ref == 0 || (ppr->pr_flags & PR_REMOVE)) { + if (ppr->pr_ref == 0) { mtx_unlock(>pr_mtx); error = ENOENT; vfs_opterror(opts, "parent jail went away!"); @@ -2273,7 +2273,6 @@ sys_jail_remove(struct thread *td, struc /* Remove all descendants of this prison, then remove this prison. */ pr->pr_ref++; - pr->pr_flags |= PR_REMOVE; if (!LIST_EMPTY(>pr_children)) { mtx_unlock(>pr_mtx); lpr = NULL; @@ -2282,7 +2281,6 @@ sys_jail_remove(struct thread *td, struc if (cpr->pr_ref > 0) { tpr = cpr; cpr->pr_ref++; - cpr->pr_flags |= PR_REMOVE; } else { /* Already removed - do not do it again. */ tpr = NULL; Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Mon Apr 25 03:48:28 2016(r298563) +++ head/sys/sys/jail.h Mon Apr 25 03:58:08 2016(r298564) @@ -210,7 +210,6 @@ struct prison_racct { /* primary jail address. */ /* Internal flag bits */ -#definePR_REMOVE 0x0100 /* In process of being removed */ #definePR_IP4 0x0200 /* IPv4 restricted or disabled */ /* by this jail or an ancestor */ #definePR_IP6 0x0400 /* IPv6 restricted or disabled */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298562 - head/usr.sbin/jail
Author: jamie Date: Mon Apr 25 03:24:48 2016 New Revision: 298562 URL: https://svnweb.freebsd.org/changeset/base/298562 Log: Make jail(8) interpret escape codes in fstab the same as getfsent(3). PR: 208663 MFC after:3 days Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cMon Apr 25 03:14:55 2016 (r298561) +++ head/usr.sbin/jail/command.cMon Apr 25 03:24:48 2016 (r298562) @@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include "jailp.h" @@ -444,8 +445,14 @@ run_command(struct cfjail *j) strcpy(comcs, comstring->s); argc = 0; for (cs = strtok(comcs, " \t\f\v\r\n"); cs && argc < 4; -cs = strtok(NULL, " \t\f\v\r\n")) +cs = strtok(NULL, " \t\f\v\r\n")) { + if (argc <= 1 && strunvis(cs, cs) < 0) { + jail_warnx(j, "%s: %s: fstab parse error", + j->intparams[comparam]->name, comstring->s); + return -1; + } argv[argc++] = cs; + } if (argc == 0) return 0; if (argc < 3) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r298516 - head/etc/rc.d
Author: jamie Date: Sat Apr 23 16:23:01 2016 New Revision: 298516 URL: https://svnweb.freebsd.org/changeset/base/298516 Log: Don't remove the /var/run/jail_name.id file if a jail fails to start. This messes up ezjail (and possibly others), when attempting to start a jail that already exists. PR: 208806 Reviewed by: tj MFC after:5 days Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail == --- head/etc/rc.d/jail Sat Apr 23 16:19:34 2016(r298515) +++ head/etc/rc.d/jail Sat Apr 23 16:23:01 2016(r298516) @@ -489,7 +489,6 @@ jail_start() if _jid=$($jail_jls -j $_j jid); then echo "$_jid" > /var/run/jail_${_j}.id else - rm -f /var/run/jail_${_j}.id echo " cannot start jail " \ "\"${_hostname:-${_j}}\": " fi @@ -513,7 +512,6 @@ jail_start() _jid=$($jail_jls -j $_j jid) echo $_jid > /var/run/jail_${_j}.id else - rm -f /var/run/jail_${_j}.id echo " cannot start jail " \ "\"${_hostname:-${_j}}\": " cat $_tmp ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r297976 - head/sys/kern
Author: jamie Date: Thu Apr 14 17:07:26 2016 New Revision: 297976 URL: https://svnweb.freebsd.org/changeset/base/297976 Log: Clean up some style(9) violations. Modified: head/sys/kern/uipc_mqueue.c head/sys/kern/uipc_sem.c head/sys/kern/uipc_shm.c Modified: head/sys/kern/uipc_mqueue.c == --- head/sys/kern/uipc_mqueue.c Thu Apr 14 17:06:37 2016(r297975) +++ head/sys/kern/uipc_mqueue.c Thu Apr 14 17:07:26 2016(r297976) @@ -686,7 +686,8 @@ mqfs_init(struct vfsconf *vfc) EVENTHANDLER_PRI_ANY); mq_fdclose = mqueue_fdclose; p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING); - /* Note current jails */ + + /* Note current jails. */ mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods); sx_slock(_lock); TAILQ_FOREACH(pr, , pr_list) @@ -1423,6 +1424,7 @@ mqfs_readdir(struct vop_readdir_args *ap LIST_FOREACH(pn, >mn_children, mn_sibling) { entry.d_reclen = sizeof(entry); + /* * Only show names within the same prison root directory * (or not associated with a prison, e.g. "." and ".."). Modified: head/sys/kern/uipc_sem.c == --- head/sys/kern/uipc_sem.cThu Apr 14 17:06:37 2016(r297975) +++ head/sys/kern/uipc_sem.cThu Apr 14 17:07:26 2016(r297976) @@ -271,13 +271,11 @@ ksem_fill_kinfo(struct file *fp, struct mtx_unlock(_lock); if (ks->ks_path != NULL) { sx_slock(_dict_lock); - if (ks->ks_path != NULL) - { + if (ks->ks_path != NULL) { path = ks->ks_path; pr_path = curthread->td_ucred->cr_prison->pr_path; - if (strcmp(pr_path, "/") != 0) - { - /* Return the jail-rooted pathname */ + if (strcmp(pr_path, "/") != 0) { + /* Return the jail-rooted pathname. */ pr_pathlen = strlen(pr_path); if (strncmp(path, pr_path, pr_pathlen) == 0 && path[pr_pathlen] == '/') @@ -503,7 +501,8 @@ ksem_create(struct thread *td, const cha } else { path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK); pr_path = td->td_ucred->cr_prison->pr_path; - /* Construct a full pathname for jailed callers */ + + /* Construct a full pathname for jailed callers. */ pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 : strlcpy(path, pr_path, MAXPATHLEN); error = copyinstr(name, path + pr_pathlen, Modified: head/sys/kern/uipc_shm.c == --- head/sys/kern/uipc_shm.cThu Apr 14 17:06:37 2016(r297975) +++ head/sys/kern/uipc_shm.cThu Apr 14 17:07:26 2016(r297976) @@ -727,7 +727,8 @@ kern_shm_open(struct thread *td, const c } else { path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK); pr_path = td->td_ucred->cr_prison->pr_path; - /* Construct a full pathname for jailed callers */ + + /* Construct a full pathname for jailed callers. */ pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 : strlcpy(path, pr_path, MAXPATHLEN); error = copyinstr(userpath, path + pr_pathlen, @@ -1087,13 +1088,11 @@ shm_fill_kinfo(struct file *fp, struct k kif->kf_un.kf_file.kf_file_size = shmfd->shm_size; if (shmfd->shm_path != NULL) { sx_slock(_dict_lock); - if (shmfd->shm_path != NULL) - { + if (shmfd->shm_path != NULL) { path = shmfd->shm_path; pr_path = curthread->td_ucred->cr_prison->pr_path; - if (strcmp(pr_path, "/") != 0) - { - /* Return the jail-rooted pathname */ + if (strcmp(pr_path, "/") != 0) { + /* Return the jail-rooted pathname. */ pr_pathlen = strlen(pr_path); if (strncmp(path, pr_path, pr_pathlen) == 0 && path[pr_pathlen] == '/') ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r297936 - head/sys/kern
Author: jamie Date: Wed Apr 13 20:15:49 2016 New Revision: 297936 URL: https://svnweb.freebsd.org/changeset/base/297936 Log: Separate POSIX mqueue objects in jails; actually, separate them by the jail's root, so jails that don't have their own filesystem directory also won't have their own mqueue namespace. PR: 208082 Modified: head/sys/kern/uipc_mqueue.c Modified: head/sys/kern/uipc_mqueue.c == --- head/sys/kern/uipc_mqueue.c Wed Apr 13 20:14:13 2016(r297935) +++ head/sys/kern/uipc_mqueue.c Wed Apr 13 20:15:49 2016(r297936) @@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -60,8 +61,8 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include -#include #include #include #include @@ -132,6 +133,7 @@ struct mqfs_node { LIST_HEAD(,mqfs_node) mn_children; LIST_ENTRY(mqfs_node) mn_sibling; LIST_HEAD(,mqfs_vdata) mn_vnodes; + const void *mn_pr_root; int mn_refcount; mqfs_type_t mn_type; int mn_deleted; @@ -152,6 +154,11 @@ struct mqfs_node { #defineFPTOMQ(fp) ((struct mqueue *)(((struct mqfs_node *) \ (fp)->f_data)->mn_data)) +struct mqfs_osd { + struct task mo_task; + const void *mo_pr_root; +}; + TAILQ_HEAD(msgq, mqueue_msg); struct mqueue; @@ -219,6 +226,7 @@ static uma_zone_t mvdata_zone; static uma_zone_t mqnoti_zone; static struct vop_vector mqfs_vnodeops; static struct fileops mqueueops; +static unsignedmqfs_osd_jail_slot; /* * Directory structure construction and manipulation @@ -236,6 +244,9 @@ static int mqfs_destroy(struct mqfs_node static voidmqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn); static voidmqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn); static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct mqfs_node *pn); +static int mqfs_prison_create(void *obj, void *data); +static voidmqfs_prison_destructor(void *data); +static voidmqfs_prison_remove_task(void *context, int pending); /* * Message queue construction and maniplation @@ -436,6 +447,7 @@ mqfs_create_node(const char *name, int n node = mqnode_alloc(); strncpy(node->mn_name, name, namelen); + node->mn_pr_root = cred->cr_prison->pr_root; node->mn_type = nodetype; node->mn_refcount = 1; vfs_timestamp(>mn_birth); @@ -644,6 +656,10 @@ mqfs_init(struct vfsconf *vfc) { struct mqfs_node *root; struct mqfs_info *mi; + struct prison *pr; + osd_method_t methods[PR_MAXMETHOD] = { + [PR_METHOD_CREATE] = mqfs_prison_create, + }; mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); @@ -670,6 +686,12 @@ mqfs_init(struct vfsconf *vfc) EVENTHANDLER_PRI_ANY); mq_fdclose = mqueue_fdclose; p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING); + /* Note current jails */ + mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods); + sx_slock(_lock); + TAILQ_FOREACH(pr, , pr_list) + (void)mqfs_prison_create(pr, NULL); + sx_sunlock(_lock); return (0); } @@ -679,10 +701,14 @@ mqfs_init(struct vfsconf *vfc) static int mqfs_uninit(struct vfsconf *vfc) { + unsigned slot; struct mqfs_info *mi; if (!unloadable) return (EOPNOTSUPP); + slot = mqfs_osd_jail_slot; + mqfs_osd_jail_slot = 0; + osd_jail_deregister(slot); EVENTHANDLER_DEREGISTER(process_exit, exit_tag); mi = _data; mqfs_destroy(mi->mi_root); @@ -800,13 +826,17 @@ found: * Search a directory entry */ static struct mqfs_node * -mqfs_search(struct mqfs_node *pd, const char *name, int len) +mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred *cred) { struct mqfs_node *pn; + const void *pr_root; sx_assert(>mn_info->mi_lock, SX_LOCKED); + pr_root = cred->cr_prison->pr_root; LIST_FOREACH(pn, >mn_children, mn_sibling) { - if (strncmp(pn->mn_name, name, len) == 0 && + /* Only match names within the same prison root directory */ + if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) && + strncmp(pn->mn_name, name, len) == 0 && pn->mn_name[len] == '\0') return (pn); } @@ -878,7 +908,7 @@ mqfs_lookupx(struct vop_cachedlookup_arg /* named node */ sx_xlock(>mi_lock); - pn = mqfs_search(pd, pname, namelen); +
svn commit: r297935 - head/sys/kern
Author: jamie Date: Wed Apr 13 20:14:13 2016 New Revision: 297935 URL: https://svnweb.freebsd.org/changeset/base/297935 Log: Separate POSIX sem/shm objects in jails, by prepending the jail's path name to the object's "path". While the objects don't have real path names, it's a filesystem-like namespace, which allows jails to be kept to their own space, but still allows the system / jail parent to access a jail's IPC. PR: 208082 Modified: head/sys/kern/uipc_sem.c head/sys/kern/uipc_shm.c Modified: head/sys/kern/uipc_sem.c == --- head/sys/kern/uipc_sem.cWed Apr 13 20:12:02 2016(r297934) +++ head/sys/kern/uipc_sem.cWed Apr 13 20:14:13 2016(r297935) @@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -258,7 +259,9 @@ ksem_closef(struct file *fp, struct thre static int ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp) { + const char *path, *pr_path; struct ksem *ks; + size_t pr_pathlen; kif->kf_type = KF_TYPE_SEM; ks = fp->f_data; @@ -269,7 +272,19 @@ ksem_fill_kinfo(struct file *fp, struct if (ks->ks_path != NULL) { sx_slock(_dict_lock); if (ks->ks_path != NULL) - strlcpy(kif->kf_path, ks->ks_path, sizeof(kif->kf_path)); + { + path = ks->ks_path; + pr_path = curthread->td_ucred->cr_prison->pr_path; + if (strcmp(pr_path, "/") != 0) + { + /* Return the jail-rooted pathname */ + pr_pathlen = strlen(pr_path); + if (strncmp(path, pr_path, pr_pathlen) == 0 && + path[pr_pathlen] == '/') + path += pr_pathlen; + } + strlcpy(kif->kf_path, path, sizeof(kif->kf_path)); + } sx_sunlock(_dict_lock); } return (0); @@ -449,6 +464,8 @@ ksem_create(struct thread *td, const cha struct ksem *ks; struct file *fp; char *path; + const char *pr_path; + size_t pr_pathlen; Fnv32_t fnv; int error, fd; @@ -485,10 +502,15 @@ ksem_create(struct thread *td, const cha ks->ks_flags |= KS_ANONYMOUS; } else { path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK); - error = copyinstr(name, path, MAXPATHLEN, NULL); + pr_path = td->td_ucred->cr_prison->pr_path; + /* Construct a full pathname for jailed callers */ + pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 + : strlcpy(path, pr_path, MAXPATHLEN); + error = copyinstr(name, path + pr_pathlen, + MAXPATHLEN - pr_pathlen, NULL); /* Require paths to start with a '/' character. */ - if (error == 0 && path[0] != '/') + if (error == 0 && path[pr_pathlen] != '/') error = EINVAL; if (error) { fdclose(td, fp, fd); @@ -624,11 +646,17 @@ int sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap) { char *path; + const char *pr_path; + size_t pr_pathlen; Fnv32_t fnv; int error; path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); - error = copyinstr(uap->name, path, MAXPATHLEN, NULL); + pr_path = td->td_ucred->cr_prison->pr_path; + pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 + : strlcpy(path, pr_path, MAXPATHLEN); + error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen, + NULL); if (error) { free(path, M_TEMP); return (error); Modified: head/sys/kern/uipc_shm.c == --- head/sys/kern/uipc_shm.cWed Apr 13 20:12:02 2016(r297934) +++ head/sys/kern/uipc_shm.cWed Apr 13 20:14:13 2016(r297935) @@ -57,6 +57,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -687,6 +688,8 @@ kern_shm_open(struct thread *td, const c struct shmfd *shmfd; struct file *fp; char *path; + const char *pr_path; + size_t pr_pathlen; Fnv32_t fnv; mode_t cmode; int fd, error; @@ -723,13 +726,18 @@ kern_shm_open(struct thread *td, const c shmfd = shm_alloc(td->td_ucred, cmode); } else { path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK); - error = copyinstr(userpath, path, MAXPATHLEN, NULL); + pr_path = td->td_ucred->cr_prison->pr_path; +
svn commit: r297424 - head/sys/compat/linux
Author: jamie Date: Wed Mar 30 17:05:04 2016 New Revision: 297424 URL: https://svnweb.freebsd.org/changeset/base/297424 Log: Use osd_reserve / osd_jail_set_reserved, which is known to succeed. Also don't work around nonexistent osd_register failure. Modified: head/sys/compat/linux/linux_mib.c Modified: head/sys/compat/linux/linux_mib.c == --- head/sys/compat/linux/linux_mib.c Wed Mar 30 17:00:33 2016 (r297423) +++ head/sys/compat/linux/linux_mib.c Wed Mar 30 17:05:04 2016 (r297424) @@ -168,9 +168,6 @@ linux_find_prison(struct prison *spr, st struct prison *pr; struct linux_prison *lpr; - if (!linux_osd_jail_slot) - /* In case osd_register failed. */ - spr = for (pr = spr;; pr = pr->pr_parent) { mtx_lock(>pr_mtx); lpr = (pr == ) @@ -189,15 +186,14 @@ linux_find_prison(struct prison *spr, st * Ensure a prison has its own Linux info. If lprp is non-null, point it to * the Linux info and lock the prison. */ -static int +static void linux_alloc_prison(struct prison *pr, struct linux_prison **lprp) { struct prison *ppr; struct linux_prison *lpr, *nlpr; - int error; + void *rsv; /* If this prison already has Linux info, return that. */ - error = 0; lpr = linux_find_prison(pr, ); if (ppr == pr) goto done; @@ -207,29 +203,24 @@ linux_alloc_prison(struct prison *pr, st */ mtx_unlock(>pr_mtx); nlpr = malloc(sizeof(struct linux_prison), M_PRISON, M_WAITOK); + rsv = osd_reserve(linux_osd_jail_slot); lpr = linux_find_prison(pr, ); if (ppr == pr) { free(nlpr, M_PRISON); + osd_free_reserved(rsv); goto done; } /* Inherit the initial values from the ancestor. */ mtx_lock(>pr_mtx); - error = osd_jail_set(pr, linux_osd_jail_slot, nlpr); - if (error == 0) { - bcopy(lpr, nlpr, sizeof(*lpr)); - lpr = nlpr; - } else { - free(nlpr, M_PRISON); - lpr = NULL; - } + (void)osd_jail_set_reserved(pr, linux_osd_jail_slot, rsv, nlpr); + bcopy(lpr, nlpr, sizeof(*lpr)); + lpr = nlpr; mtx_unlock(>pr_mtx); done: if (lprp != NULL) *lprp = lpr; else mtx_unlock(>pr_mtx); - - return (error); } /* @@ -249,7 +240,8 @@ linux_prison_create(void *obj, void *dat * Inherit a prison's initial values from its parent * (different from JAIL_SYS_INHERIT which also inherits changes). */ - return (linux_alloc_prison(pr, NULL)); + linux_alloc_prison(pr, NULL); + return (0); } static int @@ -345,11 +337,7 @@ linux_prison_set(void *obj, void *data) * "linux=new" or "linux.*": * the prison gets its own Linux info. */ - error = linux_alloc_prison(pr, ); - if (error) { - mtx_unlock(>pr_mtx); - return (error); - } + linux_alloc_prison(pr, ); if (osrelease) { error = linux_map_osrel(osrelease, >pr_osrel); if (error) { @@ -449,21 +437,18 @@ linux_osd_jail_register(void) linux_osd_jail_slot = osd_jail_register(linux_prison_destructor, methods); - if (linux_osd_jail_slot > 0) { - /* Copy the system linux info to any current prisons. */ - sx_xlock(_lock); - TAILQ_FOREACH(pr, , pr_list) - (void)linux_alloc_prison(pr, NULL); - sx_xunlock(_lock); - } + /* Copy the system linux info to any current prisons. */ + sx_slock(_lock); + TAILQ_FOREACH(pr, , pr_list) + linux_alloc_prison(pr, NULL); + sx_sunlock(_lock); } void linux_osd_jail_deregister(void) { - if (linux_osd_jail_slot) - osd_jail_deregister(linux_osd_jail_slot); + osd_jail_deregister(linux_osd_jail_slot); } void ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r297422 - in head: share/man/man9 sys/kern sys/sys
Author: jamie Date: Wed Mar 30 16:57:28 2016 New Revision: 297422 URL: https://svnweb.freebsd.org/changeset/base/297422 Log: Add osd_reserve() and osd_set_reserved(), which allow M_WAITOK allocation of an OSD array, Modified: head/share/man/man9/osd.9 head/sys/kern/kern_osd.c head/sys/sys/osd.h Modified: head/share/man/man9/osd.9 == --- head/share/man/man9/osd.9 Wed Mar 30 16:54:18 2016(r297421) +++ head/share/man/man9/osd.9 Wed Mar 30 16:57:28 2016(r297422) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 5, 2011 +.Dd March 30, 2016 .Dt OSD 9 .Os .Sh NAME @@ -33,6 +33,9 @@ .Nm osd_register , .Nm osd_deregister , .Nm osd_set , +.Nm osd_reserve , +.Nm osd_set_reserved , +.Nm osd_free_reserved , .Nm osd_get , .Nm osd_del , .Nm osd_call , @@ -63,6 +66,22 @@ .Fa "void *value" .Fc .Ft void * +.Fo osd_reserve +.Fa "u_int slot" +.Fc +.Ft int +.Fo osd_set_reserved +.Fa "u_int type" +.Fa "struct osd *osd" +.Fa "u_int slot" +.Fa "void *rsv" +.Fa "void *value" +.Fc +.Ft void +.Fo osd_free_reserved +.Fa "void *rsv" +.Fc +.Ft void * .Fo osd_get .Fa "u_int type" .Fa "struct osd *osd" @@ -198,6 +217,15 @@ argument points to a data object to asso .Fa osd . .Pp The +.Fn osd_set_reserved +function does the same as +.Fn osd_set , +but with an extra argument +.Fa rsv +that is internal-use memory previously allocated via +.Fn osd_reserve . +.Pp +The .Fn osd_get function returns the data pointer associated with a kernel data structure's .Vt struct osd @@ -324,6 +352,24 @@ will proceed without any .Xr realloc 9 calls. .Pp +It is possible for +.Fn osd_set +to fail to allocate this array. To ensure that such allocation succeeds, +.Fn osd_reserve +may be called (in a non-blocking context), and it will pre-allocate the +memory via +.Xr malloc 9 +with M_WAITOK. +Then this pre-allocated memory is passed to +.Fn osd_set_reserved , +which will use it if necessary or otherwise discard it. +The memory may also be explicitly discarded by calling +.Fn osd_free_reserved . +As this method always allocates memory whether or not it is ultimately needed, +it should be used only rarely, such as in the unlikely event that +.Fn osd_set +fails. +.Pp The .Nm API is geared towards slot identifiers storing pointers to the same underlying @@ -359,15 +405,27 @@ the kernel including most fast paths. returns the slot identifier for the newly registered data type. .Pp .Fn osd_set -returns zero on success or ENOMEM if the specified type/slot identifier pair +and +.Fn osd_set_reserved +return zero on success or ENOMEM if the specified type/slot identifier pair triggered an internal .Xr realloc 9 -which failed. +which failed +.Fn ( osd_set_reserved +will always succeed when +.Fa rsv +is non-NULL). .Pp .Fn osd_get returns the data pointer for the specified type/slot identifier pair, or NULL if the slot has not been initialised yet. .Pp +.Fn osd_reserve +returns a pointer suitable for passing to +.Fn osd_set_reserved +or +.Fn osd_free_reserved . +.Pp .Fn osd_call returns zero if no method is run or the method for each slot runs successfully. If a method for a slot returns non-zero, Modified: head/sys/kern/kern_osd.c == --- head/sys/kern/kern_osd.cWed Mar 30 16:54:18 2016(r297421) +++ head/sys/kern/kern_osd.cWed Mar 30 16:57:28 2016(r297422) @@ -54,7 +54,7 @@ struct osd_master { struct sxosd_module_lock; struct rmlockosd_object_lock; struct mtx osd_list_lock; - LIST_HEAD(, osd) osd_list; /* (m) */ + LIST_HEAD(, osd) osd_list; /* (l) */ osd_destructor_t*osd_destructors; /* (o) */ osd_method_t*osd_methods; /* (m) */ u_intosd_ntslots; /* (m) */ @@ -198,6 +198,24 @@ osd_deregister(u_int type, u_int slot) int osd_set(u_int type, struct osd *osd, u_int slot, void *value) { + + return (osd_set_reserved(type, osd, slot, NULL, value)); +} + +void * +osd_reserve(u_int slot) +{ + + KASSERT(slot > 0, ("Invalid slot.")); + + OSD_DEBUG("Reserving slot array (slot=%u).", slot); + return (malloc(sizeof(void *) * slot, M_OSD, M_WAITOK | M_ZERO)); +} + +int +osd_set_reserved(u_int type, struct osd *osd, u_int slot, void *rsv, +void *value) +{ struct rm_priotracker tracker; KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type.")); @@ -206,36 +224,34 @@ osd_set(u_int type, struct osd *osd, u_i rm_rlock([type].osd_object_lock, ); if (slot > osd->osd_nslots) { + void *newptr; + if (value == NULL) { OSD_DEBUG( "Not allocating null slot (type=%u, slot=%u).",
svn commit: r297367 - head/sys/kern
Author: jamie Date: Mon Mar 28 22:18:37 2016 New Revision: 297367 URL: https://svnweb.freebsd.org/changeset/base/297367 Log: Move the various per-type arrays of OSD data into a single structure array. Modified: head/sys/kern/kern_osd.c Modified: head/sys/kern/kern_osd.c == --- head/sys/kern/kern_osd.cMon Mar 28 21:51:56 2016(r297366) +++ head/sys/kern/kern_osd.cMon Mar 28 22:18:37 2016(r297367) @@ -44,6 +44,23 @@ __FBSDID("$FreeBSD$"); /* OSD (Object Specific Data) */ +/* + * Lock key: + * (m) osd_module_lock + * (o) osd_object_lock + * (l) osd_list_lock + */ +struct osd_master { + struct sxosd_module_lock; + struct rmlockosd_object_lock; + struct mtx osd_list_lock; + LIST_HEAD(, osd) osd_list; /* (m) */ + osd_destructor_t*osd_destructors; /* (o) */ + osd_method_t*osd_methods; /* (m) */ + u_intosd_ntslots; /* (m) */ + const u_int osd_nmethods; +}; + static MALLOC_DEFINE(M_OSD, "osd", "Object Specific Data"); static int osd_debug = 0; @@ -61,25 +78,12 @@ static void do_osd_del(u_int type, struc int list_locked); /* - * Lists of objects with OSD. - * - * Lock key: - * (m) osd_module_lock - * (o) osd_object_lock - * (l) osd_list_lock + * List of objects with OSD. */ -static LIST_HEAD(, osd)osd_list[OSD_LAST + 1]; /* (m) */ -static osd_method_t *osd_methods[OSD_LAST + 1];/* (m) */ -static u_int osd_nslots[OSD_LAST + 1]; /* (m) */ -static osd_destructor_t *osd_destructors[OSD_LAST + 1];/* (o) */ -static const u_int osd_nmethods[OSD_LAST + 1] = { - [OSD_JAIL] = PR_MAXMETHOD, +struct osd_master osdm[OSD_LAST + 1] = { + [OSD_JAIL] = { .osd_nmethods = PR_MAXMETHOD }, }; -static struct sx osd_module_lock[OSD_LAST + 1]; -static struct rmlock osd_object_lock[OSD_LAST + 1]; -static struct mtx osd_list_lock[OSD_LAST + 1]; - static void osd_default_destructor(void *value __unused) { @@ -101,12 +105,12 @@ osd_register(u_int type, osd_destructor_ if (destructor == NULL) destructor = osd_default_destructor; - sx_xlock(_module_lock[type]); + sx_xlock([type].osd_module_lock); /* * First, we try to find unused slot. */ - for (i = 0; i < osd_nslots[type]; i++) { - if (osd_destructors[type][i] == NULL) { + for (i = 0; i < osdm[type].osd_ntslots; i++) { + if (osdm[type].osd_destructors[i] == NULL) { OSD_DEBUG("Unused slot found (type=%u, slot=%u).", type, i); break; @@ -115,31 +119,31 @@ osd_register(u_int type, osd_destructor_ /* * If no unused slot was found, allocate one. */ - if (i == osd_nslots[type]) { - osd_nslots[type]++; - if (osd_nmethods[type] != 0) - osd_methods[type] = realloc(osd_methods[type], - sizeof(osd_method_t) * osd_nslots[type] * - osd_nmethods[type], M_OSD, M_WAITOK); - newptr = malloc(sizeof(osd_destructor_t) * osd_nslots[type], - M_OSD, M_WAITOK); - rm_wlock(_object_lock[type]); - bcopy(osd_destructors[type], newptr, + if (i == osdm[type].osd_ntslots) { + osdm[type].osd_ntslots++; + if (osdm[type].osd_nmethods != 0) + osdm[type].osd_methods = realloc(osdm[type].osd_methods, + sizeof(osd_method_t) * osdm[type].osd_ntslots * + osdm[type].osd_nmethods, M_OSD, M_WAITOK); + newptr = malloc(sizeof(osd_destructor_t) * + osdm[type].osd_ntslots, M_OSD, M_WAITOK); + rm_wlock([type].osd_object_lock); + bcopy(osdm[type].osd_destructors, newptr, sizeof(osd_destructor_t) * i); - free(osd_destructors[type], M_OSD); - osd_destructors[type] = newptr; - rm_wunlock(_object_lock[type]); + free(osdm[type].osd_destructors, M_OSD); + osdm[type].osd_destructors = newptr; + rm_wunlock([type].osd_object_lock); OSD_DEBUG("New slot allocated (type=%u, slot=%u).", type, i + 1); } - osd_destructors[type][i] = destructor; - if (osd_nmethods[type] != 0) { - for (m = 0; m < osd_nmethods[type]; m++) - osd_methods[type][i * osd_nmethods[type] + m] = - methods != NULL ? methods[m] : NULL; + osdm[type].osd_destructors[i] = destructor; + if (osdm[type].osd_nmethods != 0) { +
svn commit: r295468 - in head: lib/libc/sys usr.sbin/jail
Author: jamie Date: Wed Feb 10 14:48:49 2016 New Revision: 295468 URL: https://svnweb.freebsd.org/changeset/base/295468 Log: Remove man page references to rndassociates.com, which has been taken over by a domain squatter. Modified: head/lib/libc/sys/jail.2 head/usr.sbin/jail/jail.8 head/usr.sbin/jail/jail.conf.5 Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Wed Feb 10 12:14:56 2016(r295467) +++ head/lib/libc/sys/jail.2Wed Feb 10 14:48:49 2016(r295468) @@ -405,7 +405,6 @@ system calls appeared in The jail feature was written by .An Poul-Henning Kamp for R Associates -.Dq Li http://www.rndassociates.com/ who contributed it to .Fx . .An James Gritton Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Wed Feb 10 12:14:56 2016(r295467) +++ head/usr.sbin/jail/jail.8 Wed Feb 10 14:48:49 2016(r295468) @@ -1260,7 +1260,6 @@ The configuration file was introduced in The jail feature was written by .An Poul-Henning Kamp for R Associates -.Pa http://www.rndassociates.com/ who contributed it to .Fx . .Pp Modified: head/usr.sbin/jail/jail.conf.5 == --- head/usr.sbin/jail/jail.conf.5 Wed Feb 10 12:14:56 2016 (r295467) +++ head/usr.sbin/jail/jail.conf.5 Wed Feb 10 14:48:49 2016 (r295468) @@ -224,7 +224,6 @@ file was added in The jail feature was written by .An Poul-Henning Kamp for R Associates -.Pa http://www.rndassociates.com/ who contributed it to .Fx . .Pp ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r294964 - stable/10/etc/rc.d
Author: jamie Date: Thu Jan 28 00:41:07 2016 New Revision: 294964 URL: https://svnweb.freebsd.org/changeset/base/294964 Log: MFC r294749: Allow the (old rc-style) exec_afterstart jail parameters to start numbering at 0, like exec_prestart and the others do. Make param0 optional, i.e. still look for param1. PR: 142973 Modified: stable/10/etc/rc.d/jail Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/rc.d/jail == --- stable/10/etc/rc.d/jail Wed Jan 27 22:56:04 2016(r294963) +++ stable/10/etc/rc.d/jail Thu Jan 28 00:41:07 2016(r294964) @@ -32,7 +32,7 @@ need_dad_wait= # Extract value from ${jail_$jv_$name} or ${jail_$name} and # set it to $param. If not defined, $defval is used. # When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and -# $param is set by using +=. +# $param is set by using +=. $num=0 is optional (params may start at 1). # When $num is YN or NY, the value is interpret as boolean. extract_var() { @@ -72,7 +72,7 @@ extract_var() eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\" if [ -n "$_tmpargs" ]; then echo " $_param += \"$_tmpargs\";" - else + elif [ $i != 0 ]; then break; fi i=$(($i + 1)) @@ -202,7 +202,7 @@ parse_options() extract_var $_jv exec_poststop exec.poststop 0 "" echo " exec.start += \"$_exec_start\";" - extract_var $_jv exec_afterstart exec.start 1 "" + extract_var $_jv exec_afterstart exec.start 0 "" echo " exec.stop = \"$_exec_stop\";" extract_var $_jv consolelog exec.consolelog - \ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r294749 - head/etc/rc.d
Author: jamie Date: Mon Jan 25 22:14:31 2016 New Revision: 294749 URL: https://svnweb.freebsd.org/changeset/base/294749 Log: Allow the (old rc-style) exec_afterstart jail parameters to start numbering at 0, like exec_prestart and the others do. Make param0 optional, i.e. still look for param1. PR: 142973 MFC after:3 days Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail == --- head/etc/rc.d/jail Mon Jan 25 22:12:03 2016(r294748) +++ head/etc/rc.d/jail Mon Jan 25 22:14:31 2016(r294749) @@ -32,7 +32,7 @@ need_dad_wait= # Extract value from ${jail_$jv_$name} or ${jail_$name} and # set it to $param. If not defined, $defval is used. # When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and -# $param is set by using +=. +# $param is set by using +=. $num=0 is optional (params may start at 1). # When $num is YN or NY, the value is interpret as boolean. extract_var() { @@ -72,7 +72,7 @@ extract_var() eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\" if [ -n "$_tmpargs" ]; then echo " $_param += \"$_tmpargs\";" - else + elif [ $i != 0 ]; then break; fi i=$(($i + 1)) @@ -202,7 +202,7 @@ parse_options() extract_var $_jv exec_poststop exec.poststop 0 "" echo " exec.start += \"$_exec_start\";" - extract_var $_jv exec_afterstart exec.start 1 "" + extract_var $_jv exec_afterstart exec.start 0 "" echo " exec.stop = \"$_exec_stop\";" extract_var $_jv consolelog exec.consolelog - \ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r294484 - stable/10/usr.sbin/jail
Author: jamie Date: Thu Jan 21 04:37:16 2016 New Revision: 294484 URL: https://svnweb.freebsd.org/changeset/base/294484 Log: MFC r294183: Clear errno before calling getpw*. MFC r294196: Don't bother checking an ip[46].addr netmask/prefixlen. This is already handled by ifconfig, and it was doing it wrong when the paramater included extra ifconfig options. PR: 205926 Modified: stable/10/usr.sbin/jail/command.c stable/10/usr.sbin/jail/config.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/command.c == --- stable/10/usr.sbin/jail/command.c Thu Jan 21 03:05:03 2016 (r294483) +++ stable/10/usr.sbin/jail/command.c Thu Jan 21 04:37:16 2016 (r294484) @@ -878,6 +878,7 @@ get_user_info(struct cfjail *j, const ch { const struct passwd *pwd; + errno = 0; *pwdp = pwd = username ? getpwnam(username) : getpwuid(getuid()); if (pwd == NULL) { if (errno) Modified: stable/10/usr.sbin/jail/config.c == --- stable/10/usr.sbin/jail/config.cThu Jan 21 03:05:03 2016 (r294483) +++ stable/10/usr.sbin/jail/config.cThu Jan 21 04:37:16 2016 (r294484) @@ -454,7 +454,7 @@ check_intparams(struct cfjail *j) struct addrinfo hints; struct addrinfo *ai0, *ai; const char *hostname; - int gicode, defif, prefix; + int gicode, defif; #endif #ifdef INET struct in_addr addr4; @@ -597,15 +597,7 @@ check_intparams(struct cfjail *j) strcpy(s->s, cs + 1); s->len -= cs + 1 - s->s; } - if ((cs = strchr(s->s, '/'))) { - prefix = strtol(cs + 1, , 10); - if (*ep == '.' - ? inet_pton(AF_INET, cs + 1, ) != 1 - : *ep || prefix < 0 || prefix > 32) { - jail_warnx(j, - "ip4.addr: bad netmask \"%s\"", cs); - error = -1; - } + if ((cs = strchr(s->s, '/')) != NULL) { *cs = '\0'; s->len = cs - s->s; } @@ -626,14 +618,7 @@ check_intparams(struct cfjail *j) strcpy(s->s, cs + 1); s->len -= cs + 1 - s->s; } - if ((cs = strchr(s->s, '/'))) { - prefix = strtol(cs + 1, , 10); - if (*ep || prefix < 0 || prefix > 128) { - jail_warnx(j, - "ip6.addr: bad prefixlen \"%s\"", - cs); - error = -1; - } + if ((cs = strchr(s->s, '/')) != NULL) { *cs = '\0'; s->len = cs - s->s; } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r294196 - head/usr.sbin/jail
Author: jamie Date: Sat Jan 16 22:32:57 2016 New Revision: 294196 URL: https://svnweb.freebsd.org/changeset/base/294196 Log: Don't bother checking an ip[46].addr netmask/prefixlen. This is already handled by ifconfig, and it was doing it wrong when the paramater included extra ifconfig options. PR: 205926 MFC after:5 days Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Sat Jan 16 21:24:12 2016(r294195) +++ head/usr.sbin/jail/config.c Sat Jan 16 22:32:57 2016(r294196) @@ -454,7 +454,7 @@ check_intparams(struct cfjail *j) struct addrinfo hints; struct addrinfo *ai0, *ai; const char *hostname; - int gicode, defif, prefix; + int gicode, defif; #endif #ifdef INET struct in_addr addr4; @@ -597,15 +597,7 @@ check_intparams(struct cfjail *j) strcpy(s->s, cs + 1); s->len -= cs + 1 - s->s; } - if ((cs = strchr(s->s, '/'))) { - prefix = strtol(cs + 1, , 10); - if (*ep == '.' - ? inet_pton(AF_INET, cs + 1, ) != 1 - : *ep || prefix < 0 || prefix > 32) { - jail_warnx(j, - "ip4.addr: bad netmask \"%s\"", cs); - error = -1; - } + if ((cs = strchr(s->s, '/')) != NULL) { *cs = '\0'; s->len = cs - s->s; } @@ -626,14 +618,7 @@ check_intparams(struct cfjail *j) strcpy(s->s, cs + 1); s->len -= cs + 1 - s->s; } - if ((cs = strchr(s->s, '/'))) { - prefix = strtol(cs + 1, , 10); - if (*ep || prefix < 0 || prefix > 128) { - jail_warnx(j, - "ip6.addr: bad prefixlen \"%s\"", - cs); - error = -1; - } + if ((cs = strchr(s->s, '/')) != NULL) { *cs = '\0'; s->len = cs - s->s; } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r294183 - head/usr.sbin/jail
Author: jamie Date: Sat Jan 16 18:13:28 2016 New Revision: 294183 URL: https://svnweb.freebsd.org/changeset/base/294183 Log: Clear errno before calling getpw*. Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cSat Jan 16 18:11:17 2016 (r294182) +++ head/usr.sbin/jail/command.cSat Jan 16 18:13:28 2016 (r294183) @@ -877,6 +877,7 @@ get_user_info(struct cfjail *j, const ch { const struct passwd *pwd; + errno = 0; *pwdp = pwd = username ? getpwnam(username) : getpwuid(getuid()); if (pwd == NULL) { if (errno) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r292967 - stable/10/etc/rc.d
Author: jamie Date: Thu Dec 31 01:24:16 2015 New Revision: 292967 URL: https://svnweb.freebsd.org/changeset/base/292967 Log: MFC r292759: Let old-style (shell-based) jail configuration handle jail names that contain characters not allowed in a shell variable (such as "-"). These will be replaced by an underscore in jail config variables, e.g. for jail "foo-bar" you would set "jail_foo_bar_hostname". This is separate from the current code that changes the jail names if they contain "." or "/". It also doesn't apply to jails defined in a jail.conf file. PR: 191181 Modified: stable/10/etc/rc.d/jail Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/rc.d/jail == --- stable/10/etc/rc.d/jail Wed Dec 30 23:27:24 2015(r292966) +++ stable/10/etc/rc.d/jail Thu Dec 31 01:24:16 2015(r292967) @@ -28,16 +28,16 @@ extra_commands="config console status" need_dad_wait= -# extract_var jail name param num defval -# Extract value from ${jail_$jail_$name} or ${jail_$name} and +# extract_var jv name param num defval +# Extract value from ${jail_$jv_$name} or ${jail_$name} and # set it to $param. If not defined, $defval is used. -# When $num is [0-9]*, ${jail_$jail_$name$num} are looked up and +# When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and # $param is set by using +=. # When $num is YN or NY, the value is interpret as boolean. extract_var() { - local i _j _name _param _num _def _name1 _name2 - _j=$1 + local i _jv _name _param _num _def _name1 _name2 + _jv=$1 _name=$2 _param=$3 _num=$4 @@ -45,7 +45,7 @@ extract_var() case $_num in YN) - _name1=jail_${_j}_${_name} + _name1=jail_${_jv}_${_name} _name2=jail_${_name} eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\" if checkyesno $_name1; then @@ -55,7 +55,7 @@ extract_var() fi ;; NY) - _name1=jail_${_j}_${_name} + _name1=jail_${_jv}_${_name} _name2=jail_${_name} eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\" if checkyesno $_name1; then @@ -67,7 +67,7 @@ extract_var() [0-9]*) i=$_num while : ; do - _name1=jail_${_j}_${_name}${i} + _name1=jail_${_jv}_${_name}${i} _name2=jail_${_name}${i} eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\" if [ -n "$_tmpargs" ]; then @@ -79,7 +79,7 @@ extract_var() done ;; *) - _name1=jail_${_j}_${_name} + _name1=jail_${_jv}_${_name} _name2=jail_${_name} eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\" if [ -n "$_tmpargs" ]; then @@ -89,22 +89,23 @@ extract_var() esac } -# parse_options _j +# parse_options _j _jv # Parse options and create a temporary configuration file if necessary. # parse_options() { - local _j _p + local _j _jv _p _j=$1 + _jv=$2 _confwarn=0 if [ -z "$_j" ]; then warn "parse_options: you must specify a jail" return fi - eval _jconf=\"\${jail_${_j}_conf:-/etc/jail.${_j}.conf}\" - eval _rootdir=\"\$jail_${_j}_rootdir\" - eval _hostname=\"\$jail_${_j}_hostname\" + eval _jconf=\"\${jail_${_jv}_conf:-/etc/jail.${_j}.conf}\" + eval _rootdir=\"\$jail_${_jv}_rootdir\" + eval _hostname=\"\$jail_${_jv}_hostname\" if [ -z "$_rootdir" -o \ -z "$_hostname" ]; then if [ -r "$_jconf" ]; then @@ -120,7 +121,7 @@ parse_options() fi return 1 fi - eval _ip=\"\$jail_${_j}_ip\" + eval _ip=\"\$jail_${_jv}_ip\" if [ -z "$_ip" ] && ! check_kern_features vimage; then warn "no ipaddress specified and no vimage support. " \ "Jail $_j was ignored." @@ -138,10 +139,10 @@ parse_options() fi /usr/bin/install -m 0644 -o root -g wheel /dev/null $_conf || return 1 - eval : \${jail_${_j}_flags:=${jail_flags}} - eval _exec=\"\$jail_${_j}_exec\" - eval _exec_start=\"\$jail_${_j}_exec_start\" - eval _exec_stop=\"\$jail_${_j}_exec_stop\" + eval : \${jail_${_jv}_flags:=${jail_flags}} + eval _exec=\"\$jail_${_jv}_exec\" + eval _exec_start=\"\$jail_${_jv}_exec_start\" + eval _exec_stop=\"\$jail_${_jv}_exec_stop\" if [ -n "${_exec}" ]; then # simple/backward-compatible execution _exec_start="${_exec}" @@ -155,20 +156,20 @@ parse_options()