Date: Fri, 5 Sep 2025 02:43:24 +0300
From: Konstantin Belousov <kostikbel@gmail.com>
To: Jamie Gritton <jamie@freebsd.org>
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject: Re: git: 851dc7f859c2 - main - jail: add jail descriptors
Message-ID: <aLokHDP-EMa1LR0D@kib.kiev.ua>
In-Reply-To: <202509042031.584KVpxY000408@gitrepo.freebsd.org>
References: <202509042031.584KVpxY000408@gitrepo.freebsd.org>

On Thu, Sep 04, 2025 at 08:31:51PM +0000, Jamie Gritton wrote:
> The branch main has been updated by jamie:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=851dc7f859c23cab09a348bca03ab655534fb7e0
>
> commit 851dc7f859c23cab09a348bca03ab655534fb7e0
> Author:     Jamie Gritton <jamie@FreeBSD.org>
> AuthorDate: 2025-09-04 20:27:47 +0000
> Commit:     Jamie Gritton <jamie@FreeBSD.org>
> CommitDate: 2025-09-04 20:27:47 +0000
>
>     jail: add jail descriptors
>
>     Similar to process descriptors, jail descriptors allow jail
>     administration using the file descriptor interface instead of JIDs.
>     They come from and can be used by jail_set(2) and jail_get(2),
>     and there are two new system calls, jail_attach_jd(2) and
>     jail_remove_jd(2).
>
>     Reviewed by:    bz, brooks

The code is from jaildesc_alloc():

	jd = malloc(sizeof(*jd), M_JAILDESC, M_WAITOK | M_ZERO);
	error = falloc_caps(td, &fp, fdp, 0, NULL);
	finit(fp, priv_check_cred(fp->f_cred, PRIV_JAIL_SET) == 0
	    ? FREAD | FWRITE : FREAD, DTYPE_JAILDESC, jd, &jaildesc_ops);
	    ^^^^^^^^^^^ '?' should be placed on the previous line
	if (error != 0) {
		free(jd, M_JAILDESC);
		return (error);
	}

If falloc_caps() returned error, fp does not point to a valid file.
Then finit() operates on random memory.

Generated files should have been committed as a follow-up, not in the
same commit as written code.

jaildesc_find() returns EBADF when passed file type is not DTYPE_JAIL.
Normally EBADF means that the object underlying the file is invalidated,
like vnode is reclaimed, tty is revoked, etc. For the wrong type, EINVAL
should be returned.

jaildesc_close() does
	finit(fp, 0, DTYPE_NONE, NULL, &badfileops);
that is not needed, same as cleaning f_data.

There are fo_chown/fo_chmod methods that are semantically applied to the
jail files, instead of the underlying object. This is quite strange,
files do not have concept of owner.
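
The ordering problem raised above for jaildesc_alloc(), reduced to a user-space model. This is an added example, not part of the original message and not FreeBSD source: struct model_file, model_falloc(), model_finit() and both alloc_*() functions are hypothetical stand-ins, and fp is preset to a "poison" object so that the unchecked path can be observed without undefined behaviour.

```c
#include <errno.h>
#include <stdlib.h>

/* Hypothetical user-space stand-ins for struct file, falloc_caps(), finit(). */
struct model_file { int flags; void *data; int inits; };
static struct model_file poison;   /* constructed: "whatever fp pointed at" */
static struct model_file table[1]; /* one-slot file table */
static int table_used;

/* Model assumption: on failure *fpp is left exactly as the caller had it. */
static int model_falloc(struct model_file **fpp) {
	if (table_used >= 1)
		return (EMFILE);
	*fpp = &table[table_used++];
	return (0);
}

static void model_finit(struct model_file *fp, int flags, void *data) {
	fp->flags = flags;
	fp->data = data;
	fp->inits++;
}

/* Order in the quoted snippet: initialise first, look at error afterwards. */
static int alloc_unchecked(void) {
	struct model_file *fp = &poison;
	void *jd = calloc(1, 16);
	int error = model_falloc(&fp);
	model_finit(fp, 3 /* constructed flags */, jd); /* runs even on error */
	if (error != 0)
		free(jd);          /* poison.data now dangles as well */
	return (error);
}

/* Error checked before fp is touched: nothing outside the table is written. */
static int alloc_checked(void) {
	struct model_file *fp = &poison;
	void *jd = calloc(1, 16);
	int error = model_falloc(&fp);
	if (error != 0) {
		free(jd);
		return (error);
	}
	model_finit(fp, 3 /* constructed flags */, jd);
	return (0);
}
```

With table_used set to 1 both functions return EMFILE, but only alloc_unchecked() increments poison.inits, which is the model's counterpart of finit() writing through an fp that was never set.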