Author: jamie Date: Thu Aug 16 19:09:43 2018 New Revision: 337925 URL: https://svnweb.freebsd.org/changeset/base/337925
Log: Revert r337922, except for some documention-only bits. This needs to wait until user is changed to stop using jail(2). Differential Revision: D14791 Modified: head/lib/libc/sys/jail.2 head/sys/compat/freebsd32/freebsd32_misc.c head/sys/compat/freebsd32/freebsd32_proto.h head/sys/compat/freebsd32/freebsd32_syscall.h head/sys/compat/freebsd32/freebsd32_syscalls.c head/sys/compat/freebsd32/freebsd32_sysent.c head/sys/compat/freebsd32/freebsd32_systrace_args.c head/sys/compat/freebsd32/syscalls.master head/sys/kern/init_sysent.c head/sys/kern/kern_jail.c head/sys/kern/syscalls.c head/sys/kern/syscalls.master head/sys/kern/systrace_args.c head/sys/sys/jail.h head/sys/sys/syscall.h head/sys/sys/syscall.mk head/sys/sys/syscallsubr.h head/sys/sys/sysproto.h Modified: head/lib/libc/sys/jail.2 ============================================================================== --- head/lib/libc/sys/jail.2 Thu Aug 16 18:58:34 2018 (r337924) +++ head/lib/libc/sys/jail.2 Thu Aug 16 19:09:43 2018 (r337925) @@ -25,10 +25,11 @@ .\" .\" $FreeBSD$ .\" -.Dd August 16, 2018 +.Dd February 8, 2012 .Dt JAIL 2 .Os .Sh NAME +.Nm jail , .Nm jail_get , .Nm jail_set , .Nm jail_remove , @@ -40,6 +41,8 @@ .In sys/param.h .In sys/jail.h .Ft int +.Fn jail "struct jail *jail" +.Ft int .Fn jail_attach "int jid" .Ft int .Fn jail_remove "int jid" 
@@ -50,7 +53,74 @@ .Fn jail_set "struct iovec *iov" "u_int niov" "int flags" .Sh DESCRIPTION The +.Fn jail +system call sets up a jail and locks the current process in it. +.Pp +The argument is a pointer to a structure describing the prison: +.Bd -literal -offset indent +struct jail { + uint32_t version; + char *path; + char *hostname; + char *jailname; + unsigned int ip4s; + unsigned int ip6s; + struct in_addr *ip4; + struct in6_addr *ip6; +}; +.Ed +.Pp +.Dq Li version +defines the version of the API in use. +.Dv JAIL_API_VERSION +is defined for the current version. +.Pp +The +.Dq Li path +pointer should be set to the directory which is to be the root of the +prison. +.Pp +The +.Dq Li hostname +pointer can be set to the hostname of the prison. +This can be changed +from the inside of the prison. +.Pp +The +.Dq Li jailname +pointer is an optional name that can be assigned to the jail +for example for management purposes. +.Pp +The +.Dq Li ip4s +and +.Dq Li ip6s +give the numbers of IPv4 and IPv6 addresses that will be passed +via their respective pointers. +.Pp +The +.Dq Li ip4 +and +.Dq Li ip6 +pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to +the prison, or NULL if none. +IPv4 addresses must be in network byte order. +.Pp +This is equivalent to, and deprecated in favor of, the .Fn jail_set +system call (see below), with the parameters +.Va path , +.Va host.hostname , +.Va name , +.Va ip4.addr , +and +.Va ip6.addr , +and with the +.Dv JAIL_ATTACH +flag. +.Pp +The +.Fn jail_set system call creates a new jail, or modifies an existing one, and optionally locks the current process in it. Jail parameters are passed as an array of name-value pairs in the array 
@@ -76,19 +146,13 @@ The current set of available parameters, and their for retrieved via the .Va security.jail.param sysctl MIB entry. -Notable parameters include +Notable parameters include those mentioned in the +.Fn jail +description above, as well as .Va jid and -.Va name -which identify the jail being created or modified, -.Va path -(the root directory of the jail), -.Va host.hostname -(the hostname of the jail), and -.Va ip4.addr -and -.Va ip6.addr -(IP addresses to assign to the jail). +.Va name , +which identify the jail being created or modified. See .Xr jail 8 for more information on the core jail parameters. @@ -173,7 +237,8 @@ It will kill all processes belonging to the jail, and of that jail. .Sh RETURN VALUES If successful, -.Fn jail_set +.Fn jail , +.Fn jail_set , and .Fn jail_get return a non-negative integer, termed the jail identifier (JID). @@ -184,6 +249,25 @@ to indicate the error. .Rv -std jail_attach jail_remove .Sh ERRORS The +.Fn jail +system call +will fail if: +.Bl -tag -width Er +.It Bq Er EPERM +This process is not allowed to create a jail, either because it is not +the super-user, or because it would exceed the jail's +.Va children.max +limit. +.It Bq Er EFAULT +.Fa jail +points to an address outside the allocated address space of the process. +.It Bq Er EINVAL +The version number of the argument is not correct. +.It Bq Er EAGAIN +No free JID could be found. +.El +.Pp +The .Fn jail_set system call will fail if: @@ -287,7 +371,8 @@ does not exist. .El .Pp Further -.Fn jail_set +.Fn jail , +.Fn jail_set , and .Fn jail_attach call 
@@ -301,7 +386,7 @@ manual page for details. .Xr chroot 2 , .Xr jail 8 .Sh HISTORY -The now-deprecated +The .Fn jail system call appeared in .Fx 4.0 . Modified: head/sys/compat/freebsd32/freebsd32_misc.c ============================================================================== --- head/sys/compat/freebsd32/freebsd32_misc.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/freebsd32_misc.c Thu Aug 16 19:09:43 2018 (r337925) @@ -2289,10 +2289,8 @@ freebsd32_sysctl(struct thread *td, struct freebsd32_s return (0); } -#ifdef COMPAT_FREEBSD11 int -freebsd11_freebsd32_jail(struct thread *td, - struct freebsd11_freebsd32_jail_args *uap) +freebsd32_jail(struct thread *td, struct freebsd32_jail_args *uap) { uint32_t version; int error; @@ -2349,9 +2347,8 @@ freebsd11_freebsd32_jail(struct thread *td, /* Sci-Fi jails are not supported, sorry. */ return (EINVAL); } - return (freebsd11_kern_jail(td, &j)); + return (kern_jail(td, &j)); } -#endif /* COMPAT_FREEBSD11 */ int freebsd32_jail_set(struct thread *td, struct freebsd32_jail_set_args *uap) Modified: head/sys/compat/freebsd32/freebsd32_proto.h ============================================================================== --- head/sys/compat/freebsd32/freebsd32_proto.h Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/freebsd32_proto.h Thu Aug 16 19:09:43 2018 (r337925) @@ -283,6 +283,9 @@ struct freebsd32_sched_rr_get_interval_args { char pid_l_[PADL_(pid_t)]; pid_t pid; char pid_r_[PADR_(pid_t)]; char interval_l_[PADL_(struct timespec32 *)]; struct timespec32 * interval; char interval_r_[PADR_(struct timespec32 *)]; }; +struct freebsd32_jail_args { + char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)]; +}; struct freebsd32_sigtimedwait_args { char set_l_[PADL_(const sigset_t *)]; const sigset_t * set; char set_r_[PADR_(const sigset_t *)]; char info_l_[PADL_(siginfo_t *)]; siginfo_t * info; char info_r_[PADR_(siginfo_t *)]; 
@@ -758,6 +761,7 @@ int freebsd32_aio_return(struct thread *, struct freeb int freebsd32_aio_suspend(struct thread *, struct freebsd32_aio_suspend_args *); int freebsd32_aio_error(struct thread *, struct freebsd32_aio_error_args *); int freebsd32_sched_rr_get_interval(struct thread *, struct freebsd32_sched_rr_get_interval_args *); +int freebsd32_jail(struct thread *, struct freebsd32_jail_args *); int freebsd32_sigtimedwait(struct thread *, struct freebsd32_sigtimedwait_args *); int freebsd32_sigwaitinfo(struct thread *, struct freebsd32_sigwaitinfo_args *); int freebsd32_aio_waitcomplete(struct thread *, struct freebsd32_aio_waitcomplete_args *); @@ -1180,9 +1184,6 @@ struct freebsd11_freebsd32_fhstat_args { char u_fhp_l_[PADL_(const struct fhandle *)]; const struct fhandle * u_fhp; char u_fhp_r_[PADR_(const struct fhandle *)]; char sb_l_[PADL_(struct freebsd11_stat32 *)]; struct freebsd11_stat32 * sb; char sb_r_[PADR_(struct freebsd11_stat32 *)]; }; -struct freebsd11_freebsd32_jail_args { - char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)]; -}; struct freebsd11_freebsd32_kevent_args { char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; char changelist_l_[PADL_(const struct kevent32_freebsd11 *)]; const struct kevent32_freebsd11 * changelist; char changelist_r_[PADR_(const struct kevent32_freebsd11 *)]; 
@@ -1222,7 +1223,6 @@ int freebsd11_freebsd32_lstat(struct thread *, struct int freebsd11_freebsd32_getdirentries(struct thread *, struct freebsd11_freebsd32_getdirentries_args *); int freebsd11_freebsd32_getdents(struct thread *, struct freebsd11_freebsd32_getdents_args *); int freebsd11_freebsd32_fhstat(struct thread *, struct freebsd11_freebsd32_fhstat_args *); -int freebsd11_freebsd32_jail(struct thread *, struct freebsd11_freebsd32_jail_args *); int freebsd11_freebsd32_kevent(struct thread *, struct freebsd11_freebsd32_kevent_args *); int freebsd11_freebsd32_fstatat(struct thread *, struct freebsd11_freebsd32_fstatat_args *); int freebsd11_freebsd32_mknodat(struct thread *, struct freebsd11_freebsd32_mknodat_args *); @@ -1317,7 +1317,7 @@ int freebsd11_freebsd32_mknodat(struct thread *, struc #define FREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_LIO_LISTIO #define FREEBSD32_SYS_AUE_freebsd32_sched_rr_get_interval AUE_NULL #define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile AUE_SENDFILE -#define FREEBSD32_SYS_AUE_freebsd11_freebsd32_jail AUE_JAIL +#define FREEBSD32_SYS_AUE_freebsd32_jail AUE_JAIL #define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction AUE_SIGACTION #define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn AUE_SIGRETURN #define FREEBSD32_SYS_AUE_freebsd32_sigtimedwait AUE_SIGWAIT Modified: head/sys/compat/freebsd32/freebsd32_syscall.h ============================================================================== --- head/sys/compat/freebsd32/freebsd32_syscall.h Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/freebsd32_syscall.h Thu Aug 16 19:09:43 2018 (r337925) 
@@ -275,7 +275,7 @@ #define FREEBSD32_SYS_utrace 335 /* 336 is freebsd4 freebsd32_sendfile */ #define FREEBSD32_SYS_kldsym 337 -#define FREEBSD32_SYS_freebsd11_freebsd32_jail 338 +#define FREEBSD32_SYS_freebsd32_jail 338 #define FREEBSD32_SYS_sigprocmask 340 #define FREEBSD32_SYS_sigsuspend 341 /* 342 is freebsd4 freebsd32_sigaction */ Modified: head/sys/compat/freebsd32/freebsd32_syscalls.c ============================================================================== --- head/sys/compat/freebsd32/freebsd32_syscalls.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/freebsd32_syscalls.c Thu Aug 16 19:09:43 2018 (r337925) @@ -347,7 +347,7 @@ const char *freebsd32_syscallnames[] = { "utrace", /* 335 = utrace */ "compat4.freebsd32_sendfile", /* 336 = freebsd4 freebsd32_sendfile */ "kldsym", /* 337 = kldsym */ - "compat11.freebsd32_jail", /* 338 = freebsd11 freebsd32_jail */ + "freebsd32_jail", /* 338 = freebsd32_jail */ "#339", /* 339 = pioctl */ "sigprocmask", /* 340 = sigprocmask */ "sigsuspend", /* 341 = sigsuspend */ Modified: head/sys/compat/freebsd32/freebsd32_sysent.c ============================================================================== --- head/sys/compat/freebsd32/freebsd32_sysent.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/freebsd32_sysent.c Thu Aug 16 19:09:43 2018 (r337925) 
@@ -394,7 +394,7 @@ struct sysent freebsd32_sysent[] = { { AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 335 = utrace */ { compat4(AS(freebsd4_freebsd32_sendfile_args),freebsd32_sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 336 = freebsd4 freebsd32_sendfile */ { AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 337 = kldsym */ - { compat11(AS(freebsd11_freebsd32_jail_args),freebsd32_jail), AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd11 freebsd32_jail */ + { AS(freebsd32_jail_args), (sy_call_t *)freebsd32_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd32_jail */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 339 = pioctl */ { AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 340 = sigprocmask */ { AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 341 = sigsuspend */ Modified: head/sys/compat/freebsd32/freebsd32_systrace_args.c ============================================================================== --- head/sys/compat/freebsd32/freebsd32_systrace_args.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/freebsd32_systrace_args.c Thu Aug 16 19:09:43 2018 (r337925) @@ -1559,6 +1559,13 @@ systrace_args(int sysnum, void *params, uint64_t *uarg *n_args = 3; break; } + /* freebsd32_jail */ + case 338: { + struct freebsd32_jail_args *p = params; + uarg[0] = (intptr_t) p->jail; /* struct jail32 * */ + *n_args = 1; + break; + } /* sigprocmask */ case 340: { struct sigprocmask_args *p = params; 
@@ -5704,6 +5711,16 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *d break; }; break; + /* freebsd32_jail */ + case 338: + switch(ndx) { + case 0: + p = "userland struct jail32 *"; + break; + default: + break; + }; + break; /* sigprocmask */ case 340: switch(ndx) { @@ -9653,6 +9670,11 @@ systrace_return_setargdesc(int sysnum, int ndx, char * break; /* kldsym */ case 337: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* freebsd32_jail */ + case 338: if (ndx == 0 || ndx == 1) p = "int"; break; Modified: head/sys/compat/freebsd32/syscalls.master ============================================================================== --- head/sys/compat/freebsd32/syscalls.master Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/compat/freebsd32/syscalls.master Thu Aug 16 19:09:43 2018 (r337925) @@ -601,7 +601,7 @@ off_t *sbytes, int flags); } 337 AUE_NULL NOPROTO { int kldsym(int fileid, int cmd, \ void *data); } -338 AUE_JAIL COMPAT11 { int freebsd32_jail(struct jail32 *jail); } +338 AUE_JAIL STD { int freebsd32_jail(struct jail32 *jail); } 339 AUE_NULL UNIMPL pioctl 340 AUE_SIGPROCMASK NOPROTO { int sigprocmask(int how, \ const sigset_t *set, sigset_t *oset); } Modified: head/sys/kern/init_sysent.c ============================================================================== --- head/sys/kern/init_sysent.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/kern/init_sysent.c Thu Aug 16 19:09:43 2018 (r337925) 
@@ -387,7 +387,7 @@ struct sysent sysent[] = { { AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 335 = utrace */ { compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 336 = freebsd4 sendfile */ { AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 337 = kldsym */ - { compat11(AS(freebsd11_jail_args),jail), AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd11 jail */ + { AS(jail_args), (sy_call_t *)sys_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = jail */ { AS(nnpfs_syscall_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 339 = nnpfs_syscall */ { AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 340 = sigprocmask */ { AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 341 = sigsuspend */ Modified: head/sys/kern/kern_jail.c ============================================================================== --- head/sys/kern/kern_jail.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/kern/kern_jail.c Thu Aug 16 19:09:43 2018 (r337925) @@ -74,14 +74,6 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> -/* - * The old jail(2) interface will exist under COMPAT_FREEBSD11, but the global - * permission sysctls are slated to go away sometime (even with COMPAT). - */ -#if defined(COMPAT_FREEBSD11) && !defined(BURN_BRIDGES) -#define PR_GLOBAL_ALLOW -#endif - #define DEFAULT_HOSTUUID "00000000-0000-0000-0000-000000000000" MALLOC_DEFINE(M_PRISON, "prison", "Prison structures"); 
@@ -207,11 +199,9 @@ const size_t pr_flag_allow_size = sizeof(pr_flag_allow #define JAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | PR_ALLOW_RESERVED_PORTS) #define JAIL_DEFAULT_ENFORCE_STATFS 2 #define JAIL_DEFAULT_DEVFS_RSNUM 0 -#ifdef PR_GLOBAL_ALLOW static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW; static int jail_default_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS; static int jail_default_devfs_rsnum = JAIL_DEFAULT_DEVFS_RSNUM; -#endif #if defined(INET) || defined(INET6) static unsigned jail_max_af_ips = 255; #endif @@ -229,14 +219,13 @@ prison0_init(void) strlcpy(prison0.pr_osrelease, osrelease, sizeof(prison0.pr_osrelease)); } -#ifdef COMPAT_FREEBSD11 /* * struct jail_args { * struct jail *jail; * }; */ int -freebsd11_jail(struct thread *td, struct freebsd11_jail_args *uap) +sys_jail(struct thread *td, struct jail_args *uap) { uint32_t version; int error; @@ -281,16 +270,13 @@ freebsd11_jail(struct thread *td, struct freebsd11_jai /* Sci-Fi jails are not supported, sorry. */ return (EINVAL); } - return (freebsd11_kern_jail(td, &j)); + return (kern_jail(td, &j)); } int -freebsd11_kern_jail(struct thread *td, struct jail *j) +kern_jail(struct thread *td, struct jail *j) { - struct iovec optiov[2 * (3 -#ifdef PR_GLOBAL_ALLOW - + 1 + nitems(pr_flag_allow) -#endif + struct iovec optiov[2 * (4 + nitems(pr_flag_allow) #ifdef INET + 1 #endif @@ -300,10 +286,7 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) )]; struct uio opt; char *u_path, *u_hostname, *u_name; -#ifdef PR_GLOBAL_ALLOW struct bool_flags *bf; - int enforce_statfs; -#endif #ifdef INET uint32_t ip4s; struct in_addr *u_ip4; @@ -312,7 +295,7 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) struct in6_addr *u_ip6; #endif size_t tmplen; - int error; + int error, enforce_statfs; bzero(&optiov, sizeof(optiov)); opt.uio_iov = optiov; 
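Review bot: The dimension of `optiov` in `kern_jail()` is a hand-counted `2 * (4 + nitems(pr_flag_allow) ...)` with no comment saying which options the `4` accounts for, while entries are appended one at a time through `opt.uio_iovcnt` (visible in the next hunk). This is a fixed-size stack array on a syscall path, so the count and the appends have to stay in step whenever an option is added. I would add a comment above the declaration such as `/* path, host.hostname, name, enforce_statfs, plus one per allow flag */` (the exact list needs confirming against the body). If the function does not already have one outside these hunks, a `KASSERT(opt.uio_iovcnt <= nitems(optiov), ...)` before the vector is consumed would catch a mismatch. The function body starts and ends outside the hunks shown.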
@@ -323,7 +306,6 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) opt.uio_rw = UIO_READ; opt.uio_td = td; -#ifdef PR_GLOBAL_ALLOW /* Set permissions for top-level jails from sysctls. */ if (!jailed(td->td_ucred)) { for (bf = pr_flag_allow; @@ -345,7 +327,6 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) optiov[opt.uio_iovcnt].iov_len = sizeof(enforce_statfs); opt.uio_iovcnt++; } -#endif tmplen = MAXPATHLEN + MAXHOSTNAMELEN + MAXHOSTNAMELEN; #ifdef INET @@ -449,7 +430,6 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) free(u_path, M_TEMP); return (error); } -#endif /* COMPAT_FREEBSD11 */ /* @@ -1267,11 +1247,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, i pr->pr_securelevel = ppr->pr_securelevel; pr->pr_allow = JAIL_DEFAULT_ALLOW & ppr->pr_allow; -#ifdef PR_GLOBAL_ALLOW pr->pr_enforce_statfs = jail_default_enforce_statfs; -#else - pr->pr_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS; -#endif pr->pr_devfs_rsnum = ppr->pr_devfs_rsnum; pr->pr_osreldate = osreldt ? osreldt : ppr->pr_osreldate; @@ -3439,7 +3415,6 @@ prison_path(struct prison *pr1, struct prison *pr2) static SYSCTL_NODE(_security, OID_AUTO, jail, CTLFLAG_RW, 0, "Jails"); -#ifdef COMPAT_FREEBSD11 static int sysctl_jail_list(SYSCTL_HANDLER_ARGS) { @@ -3543,7 +3518,6 @@ sysctl_jail_list(SYSCTL_HANDLER_ARGS) SYSCTL_OID(_security_jail, OID_AUTO, list, CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, sysctl_jail_list, "S", "List of active jails"); -#endif /* COMPAT_FREEBSD11 */ static int sysctl_jail_jailed(SYSCTL_HANDLER_ARGS) 
@@ -3583,14 +3557,13 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vnet, #if defined(INET) || defined(INET6) SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, &jail_max_af_ips, 0, - "Number of IP addresses a jail may have at most per address family"); + "Number of IP addresses a jail may have at most per address family (deprecated)"); #endif /* - * Jail permissions - jailed processes can read these to find out what they are - * allowed to do. A deprecated use is to set default permissions for prisons - * created via jail(2). For historical reasons, the sysctl names have varying - * similarity to the parameter names. + * Default parameters for jail(2) compatibility. For historical reasons, + * the sysctl names have varying similarity to the parameter names. Prisons + * just see their own parameters, and can't change them. */ static int sysctl_jail_default_allow(SYSCTL_HANDLER_ARGS) 
@@ -3599,68 +3572,52 @@ sysctl_jail_default_allow(SYSCTL_HANDLER_ARGS) int allow, error, i; pr = req->td->td_ucred->cr_prison; -#ifdef PR_GLOBAL_ALLOW allow = (pr == &prison0) ? jail_default_allow : pr->pr_allow; -#else - allow = pr->pr_allow; -#endif /* Get the current flag value, and convert it to a boolean. */ i = (allow & arg2) ? 1 : 0; if (arg1 != NULL) i = !i; error = sysctl_handle_int(oidp, &i, 0, req); - if (error) + if (error || !req->newptr) return (error); -#ifdef PR_GLOBAL_ALLOW - if (req->newptr) { - i = i ? arg2 : 0; - if (arg1 != NULL) - i ^= arg2; - /* - * The sysctls don't have CTLFLAGS_PRISON, so assume prison0 - * for writing. - */ - mtx_lock(&prison0.pr_mtx); - jail_default_allow = (jail_default_allow & ~arg2) | i; - mtx_unlock(&prison0.pr_mtx); - } -#endif + i = i ? arg2 : 0; + if (arg1 != NULL) + i ^= arg2; + /* + * The sysctls don't have CTLFLAGS_PRISON, so assume prison0 + * for writing. + */ + mtx_lock(&prison0.pr_mtx); + jail_default_allow = (jail_default_allow & ~arg2) | i; + mtx_unlock(&prison0.pr_mtx); return (0); } -#ifdef PR_GLOBAL_ALLOW -#define CTLFLAG_GLOBAL_ALLOW (CTLFLAG_RW | CTLFLAG_MPSAFE) -#define ADDR_GLOBAL_ALLOW(i) &i -#else -#define CTLFLAG_GLOBAL_ALLOW (CTLFLAG_RD | CTLFLAG_MPSAFE) -#define ADDR_GLOBAL_ALLOW(i) NULL -#endif - SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I", - "Processes in jail can set their hostnames"); + "Processes in jail can set their hostnames (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I", - "Processes in jail are limited to creating UNIX/IP/route sockets only"); + "Processes in jail are limited to creating UNIX/IP/route sockets only (deprecated)"); 
SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I", - "Processes in jail can use System V IPC primitives"); + "Processes in jail can use System V IPC primitives (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I", - "Prison root can create raw sockets"); + "Prison root can create raw sockets (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I", - "Processes in jail can alter system file flags"); + "Processes in jail can alter system file flags (deprecated)"); SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I", - "Processes in jail can mount/unmount jail-friendly file systems"); + "Processes in jail can mount/unmount jail-friendly file systems (deprecated)"); static int sysctl_jail_default_level(SYSCTL_HANDLER_ARGS) 
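Review bot: In `sysctl_jail_default_allow()` the write path now always updates the global `jail_default_allow`, and the handler itself never checks which prison the caller is in. It relies on every registration omitting the prison flag, as the retained comment says. With these OIDs unconditionally `CTLFLAG_RW`, and the same handler also registered dynamically from `prison_add_allow()`, an explicit guard before `mtx_lock()` would stop the protection depending on each call site's flags: `if (pr != &prison0) return (EPERM);`. The comment also names the flag as `CTLFLAGS_PRISON`; it should read `CTLFLAG_PRISON`. Separately, `jail_default_allow` is read at the top of the handler without `prison0.pr_mtx` while the update takes it, which deserves a one-line comment if intentional.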
@@ -3669,33 +3626,25 @@ sysctl_jail_default_level(SYSCTL_HANDLER_ARGS) int level, error; pr = req->td->td_ucred->cr_prison; -#ifdef PR_GLOBAL_ALLOW level = (pr == &prison0) ? *(int *)arg1 : *(int *)((char *)pr + arg2); -#else - level = *(int *)((char *)pr + arg2); -#endif error = sysctl_handle_int(oidp, &level, 0, req); - if (error) + if (error || !req->newptr) return (error); -#ifdef PR_GLOBAL_ALLOW - if (req->newptr) - *(int *)arg1 = level; -#endif + *(int *)arg1 = level; return (0); } SYSCTL_PROC(_security_jail, OID_AUTO, enforce_statfs, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, - ADDR_GLOBAL_ALLOW(jail_default_enforce_statfs), - offsetof(struct prison, pr_enforce_statfs), + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + &jail_default_enforce_statfs, offsetof(struct prison, pr_enforce_statfs), sysctl_jail_default_level, "I", - "Processes in jail cannot see all mounted file systems"); + "Processes in jail cannot see all mounted file systems (deprecated)"); + SYSCTL_PROC(_security_jail, OID_AUTO, devfs_ruleset, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, - ADDR_GLOBAL_ALLOW(jail_default_devfs_rsnum), - offsetof(struct prison, pr_devfs_rsnum), + CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, + &jail_default_devfs_rsnum, offsetof(struct prison, pr_devfs_rsnum), sysctl_jail_default_level, "I", - "Ruleset for the devfs filesystem in jail"); + "Ruleset for the devfs filesystem in jail (deprecated)"); /* * Nodes to describe jail parameters. Maximum length of string parameters @@ -3836,6 +3785,9 @@ prison_add_allow(const char *prefix, const char *name, struct bool_flags *bf; struct sysctl_oid *parent; char *allow_name, *allow_noname, *allowed; +#ifndef NO_SYSCTL_DESCR + char *descr_deprecated; +#endif unsigned allow_flag; if (prefix 
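Review bot: `sysctl_jail_default_level()` stores whatever integer the caller writes (`*(int *)arg1 = level;`) with no range check, and `enforce_statfs` is registered `CTLFLAG_RW` against `jail_default_enforce_statfs`. An earlier hunk in this commit copies that variable straight into `pr->pr_enforce_statfs` for new prisons, so an out-of-range default would reach the prison structure unless something outside these hunks validates it. jail(8) documents only 0–2 for this parameter, so I would reject other values before the store, for example `if (arg1 == &jail_default_enforce_statfs && (level < 0 || level > 2)) return (EINVAL);`. `devfs_ruleset` shares the handler but is `CTLFLAG_RD`, so the store should not be reachable for it; a short comment saying so would help the next reader.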
@@ -3892,7 +3844,10 @@ prison_add_allow(const char *prefix, const char *name, bf->flag = allow_flag; mtx_unlock(&prison0.pr_mtx); - /* Create sysctls for the paramter, and the current permission. */ + /* + * Create sysctls for the paramter, and the back-compat global + * permission. + */ parent = prefix ? SYSCTL_ADD_NODE(NULL, SYSCTL_CHILDREN(&sysctl___security_jail_param_allow), @@ -3904,10 +3859,17 @@ prison_add_allow(const char *prefix, const char *name, if ((prefix ? asprintf(&allowed, M_TEMP, "%s_%s_allowed", prefix, name) : asprintf(&allowed, M_TEMP, "%s_allowed", name)) >= 0) { +#ifndef NO_SYSCTL_DESCR + (void)asprintf(&descr_deprecated, M_TEMP, "%s (deprecated)", + descr); +#endif (void)SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(&sysctl___security_jail), OID_AUTO, allowed, - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, NULL, allow_flag, - sysctl_jail_default_allow, "I", descr); + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, allow_flag, + sysctl_jail_default_allow, "I", descr_deprecated); +#ifndef NO_SYSCTL_DESCR + free(descr_deprecated, M_TEMP); +#endif free(allowed, M_TEMP); } return allow_flag; Modified: head/sys/kern/syscalls.c ============================================================================== --- head/sys/kern/syscalls.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/kern/syscalls.c Thu Aug 16 19:09:43 2018 (r337925) @@ -344,7 +344,7 @@ const char *syscallnames[] = { "utrace", /* 335 = utrace */ "compat4.sendfile", /* 336 = freebsd4 sendfile */ "kldsym", /* 337 = kldsym */ - "compat11.jail", /* 338 = freebsd11 jail */ + "jail", /* 338 = jail */ "nnpfs_syscall", /* 339 = nnpfs_syscall */ "sigprocmask", /* 340 = sigprocmask */ "sigsuspend", /* 341 = sigsuspend */ Modified: head/sys/kern/syscalls.master ============================================================================== --- head/sys/kern/syscalls.master Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/kern/syscalls.master Thu Aug 16 19:09:43 2018 (r337925) 
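Review bot: In `prison_add_allow()` the result of `asprintf(&descr_deprecated, ...)` is cast to `(void)`, and the pointer is declared without an initializer in the preceding hunk. The following `SYSCTL_ADD_PROC(..., descr_deprecated)` and `free(descr_deprecated, M_TEMP)` are therefore only safe if a failed `asprintf()` leaves the pointer NULL, which is not visible here. Handling the failure explicitly removes that assumption and keeps a description on the OID: `if (asprintf(&descr_deprecated, M_TEMP, "%s (deprecated)", descr) < 0) descr_deprecated = NULL;`, then pass `descr_deprecated != NULL ? descr_deprecated : descr`. Freeing the string immediately after registration also assumes the sysctl code copies the description rather than keeping the pointer; a comment stating that would be useful. The function begins and ends outside these hunks.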
@@ -738,7 +738,7 @@ _Out_opt_ off_t *sbytes, int flags); } 337 AUE_NULL STD { int kldsym(int fileid, int cmd, \ _In_ void *data); } -338 AUE_JAIL COMPAT11 { int jail( \ +338 AUE_JAIL STD { int jail( \ _In_ struct jail *jail); } 339 AUE_NULL NOSTD|NOTSTATIC { int nnpfs_syscall(int operation, \ Modified: head/sys/kern/systrace_args.c ============================================================================== --- head/sys/kern/systrace_args.c Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/kern/systrace_args.c Thu Aug 16 19:09:43 2018 (r337925) @@ -1593,6 +1593,13 @@ systrace_args(int sysnum, void *params, uint64_t *uarg *n_args = 3; break; } + /* jail */ + case 338: { + struct jail_args *p = params; + uarg[0] = (intptr_t) p->jail; /* struct jail * */ + *n_args = 1; + break; + } /* nnpfs_syscall */ case 339: { struct nnpfs_syscall_args *p = params; @@ -5765,6 +5772,16 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *d break; }; break; + /* jail */ + case 338: + switch(ndx) { + case 0: + p = "userland struct jail *"; + break; + default: + break; + }; + break; /* nnpfs_syscall */ case 339: switch(ndx) { @@ -9627,6 +9644,11 @@ systrace_return_setargdesc(int sysnum, int ndx, char * break; /* kldsym */ case 337: + if (ndx == 0 || ndx == 1) + p = "int"; + break; + /* jail */ + case 338: if (ndx == 0 || ndx == 1) p = "int"; break; Modified: head/sys/sys/jail.h ============================================================================== --- head/sys/sys/jail.h Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/sys/jail.h Thu Aug 16 19:09:43 2018 (r337925) @@ -32,7 +32,6 @@ #ifndef _SYS_JAIL_H_ #define _SYS_JAIL_H_ -#ifdef COMPAT_FREEBSD11 #ifdef _KERNEL struct jail_v0 { u_int32_t version; 
@@ -58,6 +57,16 @@ struct jail { * For all xprison structs, always keep the pr_version an int and * the first variable so userspace can easily distinguish them. */ +#ifndef _KERNEL +struct xprison_v1 { + int pr_version; + int pr_id; + char pr_path[MAXPATHLEN]; + char pr_host[MAXHOSTNAMELEN]; + u_int32_t pr_ip; +}; +#endif + struct xprison { int pr_version; int pr_id; @@ -82,7 +91,6 @@ struct xprison { #define PRISON_STATE_INVALID 0 #define PRISON_STATE_ALIVE 1 #define PRISON_STATE_DYING 2 -#endif /* COMPAT_FREEBSD11 */ /* * Flags for jail_set and jail_get. @@ -102,6 +110,7 @@ struct xprison { struct iovec; +int jail(struct jail *); int jail_set(struct iovec *, unsigned int, int); int jail_get(struct iovec *, unsigned int, int); int jail_attach(int); Modified: head/sys/sys/syscall.h ============================================================================== --- head/sys/sys/syscall.h Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/sys/syscall.h Thu Aug 16 19:09:43 2018 (r337925) @@ -280,7 +280,7 @@ #define SYS_utrace 335 /* 336 is freebsd4 sendfile */ #define SYS_kldsym 337 -#define SYS_freebsd11_jail 338 +#define SYS_jail 338 #define SYS_nnpfs_syscall 339 #define SYS_sigprocmask 340 #define SYS_sigsuspend 341 Modified: head/sys/sys/syscall.mk ============================================================================== --- head/sys/sys/syscall.mk Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/sys/syscall.mk Thu Aug 16 19:09:43 2018 (r337925) @@ -209,7 +209,7 @@ MIASM = \ sched_rr_get_interval.o \ utrace.o \ kldsym.o \ - freebsd11_jail.o \ + jail.o \ nnpfs_syscall.o \ sigprocmask.o \ sigsuspend.o \ Modified: head/sys/sys/syscallsubr.h ============================================================================== --- head/sys/sys/syscallsubr.h Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/sys/syscallsubr.h Thu Aug 16 19:09:43 2018 (r337925) 
@@ -143,6 +143,7 @@ int kern_getsockname(struct thread *td, int fd, struct int kern_getsockopt(struct thread *td, int s, int level, int name, void *optval, enum uio_seg valseg, socklen_t *valsize); int kern_ioctl(struct thread *td, int fd, u_long com, caddr_t data); +int kern_jail(struct thread *td, struct jail *j); int kern_jail_get(struct thread *td, struct uio *options, int flags); int kern_jail_set(struct thread *td, struct uio *options, int flags); int kern_kevent(struct thread *td, int fd, int nchanges, int nevents, @@ -307,6 +308,5 @@ struct freebsd11_dirent; int freebsd11_kern_getdirentries(struct thread *td, int fd, char *ubuf, u_int count, long *basep, void (*func)(struct freebsd11_dirent *)); -int freebsd11_kern_jail(struct thread *td, struct jail *j); #endif /* !_SYS_SYSCALLSUBR_H_ */ Modified: head/sys/sys/sysproto.h ============================================================================== --- head/sys/sys/sysproto.h Thu Aug 16 18:58:34 2018 (r337924) +++ head/sys/sys/sysproto.h Thu Aug 16 19:09:43 2018 (r337925) @@ -849,6 +849,9 @@ struct kldsym_args { char cmd_l_[PADL_(int)]; int cmd; char cmd_r_[PADR_(int)]; char data_l_[PADL_(void *)]; void * data; char data_r_[PADR_(void *)]; }; +struct jail_args { + char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)]; +}; struct nnpfs_syscall_args { char operation_l_[PADL_(int)]; int operation; char operation_r_[PADR_(int)]; char a_pathP_l_[PADL_(char *)]; char * a_pathP; char a_pathP_r_[PADR_(char *)]; 
@@ -1958,6 +1961,7 @@ int sys_sched_get_priority_min(struct thread *, struct int sys_sched_rr_get_interval(struct thread *, struct sched_rr_get_interval_args *); int sys_utrace(struct thread *, struct utrace_args *); int sys_kldsym(struct thread *, struct kldsym_args *); +int sys_jail(struct thread *, struct jail_args *); int sys_nnpfs_syscall(struct thread *, struct nnpfs_syscall_args *); int sys_sigprocmask(struct thread *, struct sigprocmask_args *); int sys_sigsuspend(struct thread *, struct sigsuspend_args *); @@ -2527,9 +2531,6 @@ struct freebsd11_fhstat_args { char u_fhp_l_[PADL_(const struct fhandle *)]; const struct fhandle * u_fhp; char u_fhp_r_[PADR_(const struct fhandle *)]; char sb_l_[PADL_(struct freebsd11_stat *)]; struct freebsd11_stat * sb; char sb_r_[PADR_(struct freebsd11_stat *)]; }; -struct freebsd11_jail_args { - char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)]; -}; struct freebsd11_kevent_args { char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; char changelist_l_[PADL_(struct kevent_freebsd11 *)]; struct kevent_freebsd11 * changelist; char changelist_r_[PADR_(struct kevent_freebsd11 *)]; @@ -2578,7 +2579,6 @@ int freebsd11_nstat(struct thread *, struct freebsd11_ int freebsd11_nfstat(struct thread *, struct freebsd11_nfstat_args *); int freebsd11_nlstat(struct thread *, struct freebsd11_nlstat_args *); int freebsd11_fhstat(struct thread *, struct freebsd11_fhstat_args *); -int freebsd11_jail(struct thread *, struct freebsd11_jail_args *); int freebsd11_kevent(struct thread *, struct freebsd11_kevent_args *); int freebsd11_getfsstat(struct thread *, struct freebsd11_getfsstat_args *); int freebsd11_statfs(struct thread *, struct freebsd11_statfs_args *); 
@@ -2849,7 +2849,7 @@ int freebsd11_mknodat(struct thread *, struct freebsd1 #define SYS_AUE_utrace AUE_NULL #define SYS_AUE_freebsd4_sendfile AUE_SENDFILE #define SYS_AUE_kldsym AUE_NULL -#define SYS_AUE_freebsd11_jail AUE_JAIL +#define SYS_AUE_jail AUE_JAIL #define SYS_AUE_nnpfs_syscall AUE_NULL #define SYS_AUE_sigprocmask AUE_SIGPROCMASK #define SYS_AUE_sigsuspend AUE_SIGSUSPEND _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"