From nobody Tue Jul 25 03:49:18 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R931V1tYWz4pkmw for ; Tue, 25 Jul 2023 03:49:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R931T6mSYz47mv for ; Tue, 25 Jul 2023 03:49:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690256957; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WQbl0ojylmnXDqP80deSbOny45iKcJn45bsq3r2Xxyc=; b=fudG+HgG3btw1WjfW2FWmqjn506HI9N2ipfJrCOTBdVT1OcSo0mc0hhzEgVUN+tO10TuKe 8Ssfc8SC4UzPcFXf3Pdwx8g5lWaHC9gkH0UJMZ3AMvKV7lhT1Inw2kUMoMmqlekrKf4zPv 1Mna7LdOOIoycbdgsyTdPy/hq8JvmA/oTncxrdAYB08WZ9J/Fuq+OCp2Svgnq3wKEgUVJC imIvGJ85XpqK6g4uVLtEsJan+fn2sEZmLRQYNxWfJueSfw0GyCh/FvumYmIv9x3SOPB0K8 I8qHf0exu/D82cxj/gzKF4dGmAvTzlVrIctRBz712kfYequez8c2J4FGeLjrvg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690256957; a=rsa-sha256; cv=none; b=VKfkaaJQviL5m+GQB5eOLVK+AcVFiB9bbhRexj46MDChX1f3hVUuC9RjDWleMGFaDvtbuB YGEvsMnMd0rqgMdqPu5dVk6WbvMXTmEcOWCiJGEVmCCuht/g019sRY+F8kAdJjlRXIH+NA awaEyXgn5dsORU99kO2ekDsIDjCwCeV10OXiepX7R3fnZuwbw8DA+kCdNbv7bd/+77crFc bdXZp2qgCrlNaJFD2WIRmL/8hFmRObkBdA/VsI29FVLcWZ/smb8DJDqZw7fU4I3keNHRt8 vGduGsZb6WOBajc94BJP67FnFBEwcE0JF5Wj2Eo+HBcApWFjOJDBNM819yDb1Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R931T5pctzl9r for ; Tue, 25 Jul 2023 03:49:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36P3nH3M057361 for ; Tue, 25 Jul 2023 03:49:17 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36P3nHpw057360 for jail@FreeBSD.org; Tue, 25 Jul 2023 03:49:17 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison Date: Tue, 25 Jul 2023 03:49:18 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |jail@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jul 25 08:27:03 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R99B03LdTz4ntTm for ; Tue, 25 Jul 2023 08:27:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R99B01fchz4344 for ; Tue, 25 Jul 2023 08:27:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690273624; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9IqRIo0EUv0HMOKhO9LPJT3TNV5V9oBkUOits8ze1mA=; b=AfPx+1yfa0iw6TB/BvdNBskQSIBScL+D352PaBZeKSDoLyy5kf4NQUTqLdHpwDri8kjdra 4xBaDLV9Efm6UITtxN1ggZAariQn40/RAOPBqKFsXVd/CShLG4gdR2f/aikPHfwbbq0qL3 g+uQdWapC9FDMMu90Is3U5Xvtwmsb36cOnyLgSdJfefhUFd93UxA8BqYHcOCd+c6u47gNj Sz/QnO4MQgPpJp5H5cCc/sNnqaSHKqCeW0cXYd4BFZIYvq27ICKhJ2b0Hscyb0/bkbGrW6 LAboJz4IcXBt3Ttzqd8W6OISop+taIViWzWlQIhaq28WtBzsL9jm4gdVrvwDIA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690273624; a=rsa-sha256; cv=none; b=eOrhJOCxIKq8P0+Ys9ct1a0DgnkZzmt1HvXogPBJX2/uouYq75+76d6CFPf7Lt+QV4X9Gb YR85DBCdndgTOaepfN657D77VV/dT600spRjSm6YQkvKJD2uXBjuRILJd1vEeyM4JkUzPq BROXls+hKP1RNU7i3F4eUC6VA3jV5w3T9Tof6Ht+WC7c+0lgVWUkM7tlAgDyKqahPCnGlC zlBKK/6HjBHLH9NliTl2AV9w1Pf09kNC8g5udAq2jRR3gzNGXJ3Tfz7FVNmQJDqIEWa4Ve w/Dv+jKoGTUU/9xeA5ZpiUr9YbfI6bjDiZeRIIyrYERM6mdwDYxMwv3dhBhlCA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R999z68qNzsyK for ; Tue, 25 Jul 2023 08:27:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36P8R3QO079641 for ; Tue, 25 Jul 2023 08:27:03 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36P8R3UC079640 for jail@FreeBSD.org; Tue, 25 Jul 2023 08:27:03 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison Date: Tue, 25 Jul 2023 08:27:03 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: crest@rlwinm.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706 crest@rlwinm.de changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |crest@rlwinm.de --- Comment #1 from crest@rlwinm.de --- What is the jail's enforce_statfs setting? --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jul 25 09:27:52 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R9BX912g5z4nxh9 for ; Tue, 25 Jul 2023 09:27:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R9BX84cVpz4Qs4 for ; Tue, 25 Jul 2023 09:27:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690277272; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IJNHRjQiduTJvPiTsYWP6xJy7bXfjrRof8HMhThmqsc=; b=kKKle7MFUbueznE4zm85L3k87YWnOHt7VcoMOD1rx/FyE2VCB+/7gK5jVfuIyN9713mixP CMz3t4ZdzuyqhOwUgpN5lT8LWKaWG+vJk2/XxETw/hwtge2XziHsNzU22Lcr52Q7gNiE6b z8f1ipSto5ZZe7S8YVDTKRX7MPHnr0n7xsUvxRajUwNDyCdwADl6IzFFoSIw+NSUEsHZos bdk3/xAg3NN1bKAbZddI4ZQcGaQn3HlT4Fp7q/2rjQ6E9BMopZ/EoAkfwFD7+6Ev3pj9YL 5HYmzHJfIdKGnxiOOBc5/Aay0zD+wbQLKbucOnVxkivl4EUmgFMjG4S1CaEwXw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690277272; a=rsa-sha256; cv=none; b=ZkuqUp1Z3lZVf3qDgq3PAo26u0JBg5e7bwEqwkFGrz0X7mxkvkzm4Iyk7+nucU2RZNaJNV gkWzdkv5G+Mlc1+ZnHErF2JH9MVtDBi3+dXiPRi++QKj866QTZMJBQ3w+94YebY8vIh/VG rkIjj3fnfG7tOh8rNn8lZCZA+lXI+ASfS3sd5qKWccJzgIqxoNduN22N9MZkJ/8c+lKW83 4UzS2A6ZwcnYebjwufn1VKMiM/dMel7UoHFA1nN7qs5PZwtKT3RV3imJ5LJiRhoNJD7PW1 HqVnLTOa/Xa6o5vVfv+BVNFgRzie7RVWCOVBFjl2Q7WRxRpPAwXtoRxV5xt9oA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R9BX83l5Pzv4V for ; Tue, 25 Jul 2023 09:27:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36P9Rqwd071505 for ; Tue, 25 Jul 2023 09:27:52 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36P9Rqp6071504 for jail@FreeBSD.org; Tue, 25 Jul 2023 09:27:52 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison Date: Tue, 25 Jul 2023 09:27:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: elizabeth.jennifer.myers@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706 --- Comment #2 from Elizabeth Myers --- (In reply to crest from comment #1) It was originally 1. I tested with multiple values. 0, 1, or 2 has no effect. The jail doesn't start above 2, which makes sense as I believe it can't mou= nt devfs at that point. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jul 25 11:19:41 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R9F1C2Dkpz4p3QG for ; Tue, 25 Jul 2023 11:19:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R9F1B6RhSz3vj0 for ; Tue, 25 Jul 2023 11:19:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690283982; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OpHDil+RyATc5oHBCe8vXUKbR1sGNOXfVB1MRKB5gIo=; b=iDJsnd3k/E1rAxf77x7QPCiAqMWBNEsYOFakaNsnfdSZEyTVUwecO0O/EkOg4iayV+fpUC tzyymZamxxqEpnEZbMzMbH6WxIRFyXJ1uCOQPiSJa9yddXXAqcUZA1q+8jeP/0s08F+srw a3HzmEcKTIJSR0dHrMoDw/liRGKldGwqo6ozDHJfZtUjW5XZoHk4LbpwWo3H7xWE2PLMvY Wl+MLwza+FKfqCeeDK1E0Z9Qtb5VOE8F/nqy0zkNMCAYknM40vNqNJLfQdYWiNPWmLqZXG GsYxD5KYI7uuwkHcnflPkymXzArnxSiRowk3uDVvoTSHH55u+mm6v5ZWpl0yWg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690283982; a=rsa-sha256; cv=none; b=bNH7eyIeUijkfeh6WlT7DGZRu7YPo/8ZnmtddAPZUrPGLjOq32rrsJ4YAZbgwqYs7JaPnN 8jCHTXBs5SUq/H82GEqiqTgsLr1xRLpFn+vm3MWZr6JkiVIX7+SMOzmJ0yG2bRLopdpc9N C0CEYWsoWdod4NDY5Hj+stgvvl+R6lJR9MglqU1MwnUltA/q97zTn3S+zIybkTLCoPpmX9 Au7um+9zCUVJgAltmjnHVigNVxqDh40rRwJw7WR8kbSg5svBwyVOkW0JO2WezeVPTfDsaB Dke5ByRBauTlxVCdoVpXB3KE3irQrug+MqzPlSu52HHxGftbOzozhXA7H32vVw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R9F1B54M8zyHj for ; Tue, 25 Jul 2023 11:19:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36PBJgH7037800 for ; Tue, 25 Jul 2023 11:19:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36PBJgA8037799 for jail@FreeBSD.org; Tue, 25 Jul 2023 11:19:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison Date: Tue, 25 Jul 2023 11:19:41 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: andrew@tao11.riddles.org.uk X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706 Andrew "RhodiumToad" Gierth changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |andrew@tao11.riddles.org.uk --- Comment #3 from Andrew "RhodiumToad" Gierth --- (In reply to Elizabeth Myers from comment #2) Wait, are you saying that procstat executed from *outside* the jail shows t= he full paths (which is expected), or that procstat executed *inside* the jail shows the full paths (which I can't reproduce)? The code path at issue uses vn_fullpath which is sensitive to the root directory of the invoking process, i.e. procstat, not to that of the process being examined. If you're finding that procstat from *inside* the jail is showing the full path, can you show a complete session transcript including the jail creation and execution of the procstat command? --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jul 25 15:08:02 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R9L4f60jqz4pWj4 for ; Tue, 25 Jul 2023 15:08:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R9L4f4zc9z3LXV for ; Tue, 25 Jul 2023 15:08:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690297682; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vQ+MLh3CsI25oV27gZDAFB+j/2XV1VflnN8hUM/IBhs=; b=Vd8SfUo08wGVZi4N8rnx3w/mok+TWMBnI51HDq1GaVlI8VlKziB+oaEt0E1t7l/syjyiWW ko66jIYMqTBGKcodeCW3nLOXFsv2u+wZkhYsT1fhmn5q08KkqjvVgERd+nQKkM5VcJcBtS meiiT0ZN57WDCjniSM25Zxo3knvLF6isrYLC21S4bXjcfGqSCWClTdE8djF8vSAbBcOSve dEmXU+Xwg3We7+2/PdWdMrj3gJJ8L/38Jg7++sKNe2r957kUZanT785F21Sh7Y6I3NhrFs pP5q/Nz2e2g3v0LRCquvW8ACKS+Fz+GTb4PiMMvHQBE8Blobf3+GNQegGH4ylg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690297682; a=rsa-sha256; cv=none; b=vFWAvmtq1py1NmOxzND4tKy5B3wzpjFf7twcLWQErPA+wkCYYTOcv3fzQsO1oztyTohhVk RRqGeoVcd2GUyJz/3BpwCLq15Kzf611NZbiB/rvGzcN1p2lRPR8gAwIyqTShIFYfTW9+ft z9FAi9gwTysr490ITSLDjWrDiDgRqxDAbKzM4miNNiXmXMTg0BpDInyyy7l+Ayqb853vvA 2NPhZkQEyeOZfkhY9mkHETeqpFgDgInefVUJ7bfkEvf+7hF6LdFzXuB82cO3gSQroJdFWw 46gGnpLuIb+RjGEHtWvL+ldcqN4zo8BN1WBkB8GxiI2c/VVJLHJQo9Sx01SWNw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R9L4f43Qdz14DS for ; Tue, 25 Jul 2023 15:08:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36PF82OO077274 for ; Tue, 25 Jul 2023 15:08:02 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36PF8213077273 for jail@FreeBSD.org; Tue, 25 Jul 2023 15:08:02 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison Date: Tue, 25 Jul 2023 15:08:02 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: andrew@tao11.riddles.org.uk X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706 --- Comment #4 from Andrew "RhodiumToad" Gierth --- (In reply to Andrew "RhodiumToad" Gierth from comment #3) I think I figured this one out, it happens when nullmounts are involved, ev= en if the jail's root directory is not itself the mountpoint of a nullmount. e.g. mkdir /some/dir mount -t nullfs /path/to/real/jail/tree /some/dir jail -c path=3D/some/dir/somejail at this point, executing procstat (or possibly other vn_fullpath clients) inside the jail returns paths based on /path/to/real/jail/tree/somejail (and not /some/dir/somejail). --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jul 25 17:36:25 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R9PMt2QLpz4pRmh for ; Tue, 25 Jul 2023 17:36:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R9PMt1RS2z4ZTB for ; Tue, 25 Jul 2023 17:36:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690306586; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=j255qk0bUg98j0T6IwIeR9vOlzfX7JJDW3SaOguqKew=; b=vQvgIL2sPc9xDE/ZI1u0fM0eSpSkt6qxGSmxm2lbhpsoik7tuqj3KXzAhyM9u0CVsjrJF9 yBRz9jBDbIdpr2wZJIkkFri2yvcyQIB8JwzBwUAOv4Kv38VfqVNmscAbCnFcZTdRn/gaLo BZdp+YeA4k5sOt7U5XHGex56HAyEIuUyrTk1Zfu1WzzELUf0dhPElVo7LT1L3UgsS6pqui ZAII4qsEFeRbeM3w6v2ErgsmiOKAyP/irQv0DTyuaIH6i2BKJkpCSnG2TilKOGtxK3UogT GhTbgfcdTmBxOtKald09Wit3lP0hLSxgDQWaqLpNmTvw3XMM9pOxDasXG1x8cw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690306586; a=rsa-sha256; cv=none; b=Nh8p9AAYi2LLGZmaG7Uq8/HOEVf4SiseWwKnKi8DT/bRJzqgWyF0ka7HDUoM6DOmxyFjzx XNOKF03KjXwf9HpLDwjDcFB61zNP53xuHq2khCImnrPgUaRQloNCL8TwR4AitjjaGS4vKG vBiFQMVJ7TLlbWZw/4h/o4glCBAU4wps6k+WNHwHQZ1jLpdA3IOGmj9ELzDqAvxmP/gBPP zZG6fULPQARZ0ckEc00QjN6qy4gqTbB1IPoOnyl/PGpkvsiAvUrHfo+AQG84+H098NftaS IoUatjuSzWCKBis3UGRtXaZoljM9woZpGYzxNVbWe3UoqnXEVIrYBADyp0JjTQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R9PMt0Qymz18QG for ; Tue, 25 Jul 2023 17:36:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36PHaQrA002950 for ; Tue, 25 Jul 2023 17:36:26 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36PHaQVh002949 for jail@FreeBSD.org; Tue, 25 Jul 2023 17:36:26 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison Date: Tue, 25 Jul 2023 17:36:25 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: andrew@tao11.riddles.org.uk X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706 --- Comment #5 from Andrew "RhodiumToad" Gierth --- (In reply to Andrew "RhodiumToad" Gierth from comment #4) I've confirmed my analysis this far: vn_fullpath is being called with vp pointing to a physical filesystem vnode (i.e. not the nullfs node on the up= per layer, but the lower layer vnode backing it). Accordingly, since in general= the lower vnode is somewhere outside the jail root, the traverse of parent dirs never hits the process root directory, so the full path is shown. Most other uses of vn_fullpath will be starting from the upper-level vnode = (for example, because they just looked up a filename, or they have an open file, etc.), and in this case, the code seems to correctly traverse the upper lay= er and end at the process root dir. What I don't know is why the vm_object is apparently referencing the lower vnode rather than the upper one. --=20 You are receiving this mail because: You are the assignee for the bug.=