Date: Wed, 25 Jun 2003 17:51:06 +0400 From: Dmitry Sivachenko <demon@freebsd.org> To: Pawel Jakub Dawidek <nick@garage.freebsd.pl> Cc: freebsd-arch@freebsd.org Subject: Re: Jailed sysvipc implementation. Message-ID: <20030625135106.GA19868@fling-wing.demos.su> In-Reply-To: <20030624164602.GW7587@garage.freebsd.pl> References: <20030624164602.GW7587@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jun 24, 2003 at 06:46:02PM +0200, Pawel Jakub Dawidek wrote: > Hello. >=20 > Some time ago I've implemented private memory zones for IPC mechism. > Every jail and main host got its own memory for IPC operations. > It was implemented for FreeBSD 4.x. Avaliable at: >=20 > http://garage.freebsd.pl/privipc.tbz > http://garage.freebsd.pl/privipc.README I think it would be better to add checks to disallow the use of IPC=20 primitives created in one jail from another. Thus we will avoid allocating separate segments of kernel memory for each jail. It could be trivially achieved by adding another field to struct ipc_perm, but Robert Watson said he knows another way of doing this without breaking ABI (if I understood him right). --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE++ajKEZSZYxPV34ARAniHAKCkNLYNkLMuWU+n/Sby90GP1KnbQwCggzHx /95lgkqTkgDcO2l/GXBmEx0= =R/Ho -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030625135106.GA19868>