List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
Date: Wed, 10 Sep 2025 14:12:59 -0700
From: James Gritton
To: Konstantin Belousov
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject: Re: git: 851dc7f859c2 - main - jail: add jail descriptors

On 2025-09-10 02:03, Konstantin Belousov wrote:
> First, since you already mentioned a desire to capsicumize jfds, I think it
> is already a huge wart in the interface. The function that opens (or
> creates) fd from a jail id, must not take just jail. It should be
> namespace-aware already. In other words, it should take existing jfd
> and create a child jail, returning jfd for it. The existing jfd gives
> the namespace container to start with, which is essentially how capsicum
> is organizing the rights limiting.
>
> For the bootstrapping, the prison0 non-capentered process can pass a special
> id for jfd to reference prison0, similar to how AT_FDCWD marks '.' for *at(2)
> syscalls.

The current jaildesc code is namespace-aware, via the JAIL_AT_DESC flag.
So if you have a descriptor for jail "foo" and you create "bar", you end
up creating "foo.bar" just as you would if you were already attached to
jail "foo". Similarly, if you look up by jid, it only works when that
jail is a descendant of "foo".

Yes, getting jid 0 makes sense for bootstrapping - it already means "the
current jail" in other contexts. The resulting descriptor would be
flagged as only for JAIL_AT_DESC use, without the ability to modify,
remove, or attach to it, regardless of whether capsicum is enabled.

- Jamie
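
The creation and lookup rules described in the message above, as a user-space model added here; it is not code from the FreeBSD tree or from either participant. All type and function names (`struct jdesc`, `jd_create`, `jd_lookup`, `jd_may_control`, `JD_AT_ONLY`) are hypothetical, and the AT-only root descriptor models the bootstrapping behaviour the message proposes.

```c
/* User-space model of descriptor-relative jail naming and lookup.
 * NOT FreeBSD kernel code; every name below is hypothetical. */
#include <stdio.h>
#include <string.h>

#define MAXJ 16
#define JD_AT_ONLY 0x1   /* descriptor usable only as a base for create/lookup */

struct jail  { int jid; int parent; char name[64]; };  /* parent: index, -1 = none */
struct jdesc { int idx; int flags; };                  /* models a jail descriptor */

static struct jail jails[MAXJ] = { { 0, -1, "" } };    /* slot 0 models prison0 */
static int njails = 1;

/* Is jails[idx] somewhere below jails[base] in the hierarchy? */
static int is_descendant(int base, int idx) {
    for (idx = jails[idx].parent; idx >= 0; idx = jails[idx].parent)
        if (idx == base) return 1;
    return 0;
}

/* Create relative to the descriptor's jail: base "foo" + "bar" -> "foo.bar". */
static int jd_create(struct jdesc base, const char *name) {
    const char *pn = jails[base.idx].name;
    if (njails == MAXJ || strchr(name, '.') != NULL ||
        strlen(pn) + strlen(name) + 2 > sizeof jails[0].name)
        return -1;
    struct jail *j = &jails[njails];
    j->jid = njails;
    j->parent = base.idx;
    snprintf(j->name, sizeof j->name, "%s%s%s", pn, pn[0] ? "." : "", name);
    return njails++;
}

/* Look up by jid; only jails below the descriptor's jail are visible. */
static int jd_lookup(struct jdesc base, int jid) {
    for (int i = 0; i < njails; i++)
        if (jails[i].jid == jid) return is_descendant(base.idx, i) ? i : -1;
    return -1;
}

/* Modify, remove and attach are refused on an AT-only descriptor. */
static int jd_may_control(struct jdesc d) { return !(d.flags & JD_AT_ONLY); }

int main(void) {
    struct jdesc root = { 0, JD_AT_ONLY };             /* the "jid 0" bootstrap case */
    struct jdesc foo = { jd_create(root, "foo"), 0 };
    int bar = jd_create(foo, "bar"), baz = jd_create(root, "baz");
    printf("%s via foo -> %d; %s via foo -> %d; control root -> %d\n",
        jails[bar].name, jd_lookup(foo, jails[bar].jid),
        jails[baz].name, jd_lookup(foo, jails[baz].jid), jd_may_control(root));
    return 0;
}
```
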