Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 29 May 2026 16:01:35 +0000
From:      Olivier Certner <olce@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: cf942ac9e967 - main - MAC/do: find_conf(): Turn an MPASS() into a KASSERT()
Message-ID:  <6a19b85f.346b4.2d2a568@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch main has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=cf942ac9e967055286a7076bf76e9a62e1d22d8f

commit cf942ac9e967055286a7076bf76e9a62e1d22d8f
Author:     Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2026-04-27 12:16:46 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2026-05-29 15:21:55 +0000

    MAC/do: find_conf(): Turn an MPASS() into a KASSERT()
    
    Turn the pre-existing comment into an assertion message, with an update
    following the introduction of the "executable paths" feature.
    
    Explain in a comment why this situation cannot happen.
    
    Without INVARIANTS, such a situation would cause an immediate panic()
    (NULL is dereferenced in the next iteration of the loop), so leave the
    check under INVARIANTS only.
    
    Reviewed by:    bapt
    MFC after:      1 month
    Sponsored by:   The FreeBSD Foundation
    Pull Request:   https://ron-dev.freebsd.org/FreeBSD/src/pulls/38
---
 sys/security/mac_do/mac_do.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
index ab6c21b38063..3d0ce2b49baa 100644
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -1184,7 +1184,15 @@ find_conf(struct prison *const pr, struct prison **const aprp)
 		prison_unlock(cpr);
 
 		ppr = cpr->pr_parent;
-		MPASS(ppr != NULL); /* prison0 always has rules. */
+		/*
+		 * 'prison0' normally always have a mac_do(4) configuration
+		 * because we installed one on module load/activation and
+		 * nothing can destroy it as 'prison0' is not a regular jail and
+		 * the 'mac.do' parameter cannot be set to 'inherit' on it,
+		 * which is the only way to clear an existing configuration.
+		 */
+		KASSERT(ppr != NULL,
+		    ("MAC/do: 'prison0' must always have a configuration."));
 		cpr = ppr;
 	}
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a19b85f.346b4.2d2a568>