Date: Sat, 17 Jun 2006 15:53:30 GMT From: Alex Lyashkov <als@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 99434 for review Message-ID: <200606171553.k5HFrUZ3067289@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=99434 Change 99434 by als@als_head on 2006/06/17 15:53:03 Initial import jail2 into PerForce. With additionaly to last published fixed build world and implementated per jail file handle limit. Affected files ... .. //depot/projects/jail2/sys/amd64/amd64/dump_machdep.c#2 edit .. //depot/projects/jail2/sys/amd64/amd64/minidump_machdep.c#2 edit .. //depot/projects/jail2/sys/arm/arm/dump_machdep.c#2 edit .. //depot/projects/jail2/sys/compat/linprocfs/linprocfs.c#2 edit .. //depot/projects/jail2/sys/compat/linux/linux_mib.c#2 edit .. //depot/projects/jail2/sys/compat/linux/linux_misc.c#2 edit .. //depot/projects/jail2/sys/compat/linux/linux_stats.c#2 edit .. //depot/projects/jail2/sys/compat/svr4/svr4_stat.c#2 edit .. //depot/projects/jail2/sys/conf/NOTES#2 edit .. //depot/projects/jail2/sys/conf/files#2 edit .. //depot/projects/jail2/sys/conf/options#2 edit .. //depot/projects/jail2/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c#2 edit .. //depot/projects/jail2/sys/contrib/ipfilter/netinet/ip_nat.c#2 edit .. //depot/projects/jail2/sys/ddb/db_command.c#2 edit .. //depot/projects/jail2/sys/ddb/db_ps.c#2 edit .. //depot/projects/jail2/sys/dev/firewire/firewire.c#2 edit .. //depot/projects/jail2/sys/dev/hwpmc/hwpmc_mod.c#2 edit .. //depot/projects/jail2/sys/dev/syscons/daemon/daemon_saver.c#2 edit .. //depot/projects/jail2/sys/fs/procfs/procfs_status.c#2 edit .. //depot/projects/jail2/sys/geom/vinum/geom_vinum_drive.c#2 edit .. //depot/projects/jail2/sys/i386/i386/dump_machdep.c#2 edit .. //depot/projects/jail2/sys/i386/i386/minidump_machdep.c#2 edit .. //depot/projects/jail2/sys/i386/i386/pmap.c#2 edit .. //depot/projects/jail2/sys/i386/ibcs2/ibcs2_socksys.c#2 edit .. //depot/projects/jail2/sys/i386/ibcs2/ibcs2_stat.c#2 edit .. //depot/projects/jail2/sys/i386/ibcs2/ibcs2_sysvec.c#2 edit .. //depot/projects/jail2/sys/i386/ibcs2/ibcs2_xenix.c#2 edit .. //depot/projects/jail2/sys/ia64/ia64/dump_machdep.c#2 edit .. //depot/projects/jail2/sys/isofs/cd9660/cd9660_rrip.c#2 edit .. //depot/projects/jail2/sys/kern/imgact_elf.c#2 edit .. //depot/projects/jail2/sys/kern/init_main.c#2 edit .. //depot/projects/jail2/sys/kern/kern_descrip.c#2 edit .. //depot/projects/jail2/sys/kern/kern_exec.c#2 edit .. //depot/projects/jail2/sys/kern/kern_exit.c#2 edit .. //depot/projects/jail2/sys/kern/kern_fork.c#2 edit .. //depot/projects/jail2/sys/kern/kern_jail.c#2 edit .. //depot/projects/jail2/sys/kern/kern_jail2_common.c#1 add .. //depot/projects/jail2/sys/kern/kern_jail2_disk.c#1 add .. //depot/projects/jail2/sys/kern/kern_jail2_network.c#1 add .. //depot/projects/jail2/sys/kern/kern_jail2_resource.c#1 add .. //depot/projects/jail2/sys/kern/kern_ktrace.c#2 edit .. //depot/projects/jail2/sys/kern/kern_linker.c#2 edit .. //depot/projects/jail2/sys/kern/kern_mib.c#2 edit .. //depot/projects/jail2/sys/kern/kern_proc.c#2 edit .. //depot/projects/jail2/sys/kern/kern_prot.c#2 edit .. //depot/projects/jail2/sys/kern/kern_resource.c#2 edit .. //depot/projects/jail2/sys/kern/kern_sig.c#2 edit .. //depot/projects/jail2/sys/kern/sysv_ipc.c#2 edit .. //depot/projects/jail2/sys/kern/sysv_msg.c#2 edit .. //depot/projects/jail2/sys/kern/sysv_sem.c#2 edit .. //depot/projects/jail2/sys/kern/sysv_shm.c#2 edit .. //depot/projects/jail2/sys/kern/uipc_socket.c#2 edit .. //depot/projects/jail2/sys/kern/uipc_usrreq.c#3 edit .. //depot/projects/jail2/sys/kern/vfs_mount.c#2 edit .. //depot/projects/jail2/sys/kern/vfs_syscalls.c#2 edit .. //depot/projects/jail2/sys/net/if.c#2 edit .. //depot/projects/jail2/sys/net/if.c.new#1 add .. //depot/projects/jail2/sys/net/rtsock.c#2 edit .. //depot/projects/jail2/sys/net/rtsock.c.new#1 add .. //depot/projects/jail2/sys/net80211/ieee80211_ioctl.c#2 edit .. //depot/projects/jail2/sys/netinet/in_pcb.c#2 edit .. //depot/projects/jail2/sys/netinet/ip_fw2.c#2 edit .. //depot/projects/jail2/sys/netinet/raw_ip.c#2 edit .. //depot/projects/jail2/sys/netinet/tcp_usrreq.c#2 edit .. //depot/projects/jail2/sys/netinet/udp_usrreq.c#2 edit .. //depot/projects/jail2/sys/netinet6/icmp6.c#2 edit .. //depot/projects/jail2/sys/netinet6/in6.c#2 edit .. //depot/projects/jail2/sys/netinet6/in6_ifattach.c#2 edit .. //depot/projects/jail2/sys/netinet6/in6_pcb.c#2 edit .. //depot/projects/jail2/sys/nfsclient/bootp_subr.c#2 edit .. //depot/projects/jail2/sys/nfsclient/nfs_vfsops.c#2 edit .. //depot/projects/jail2/sys/sparc64/sparc64/dump_machdep.c#2 edit .. //depot/projects/jail2/sys/sys/ipc.h#2 edit .. //depot/projects/jail2/sys/sys/jail.h#2 edit .. //depot/projects/jail2/sys/sys/jail2.h#1 add .. //depot/projects/jail2/sys/sys/jail2_disks.h#1 add .. //depot/projects/jail2/sys/sys/jail2_file.h#1 add .. //depot/projects/jail2/sys/sys/jail2_flags.h#1 add .. //depot/projects/jail2/sys/sys/jail2_ipc.h#1 add .. //depot/projects/jail2/sys/sys/jail2_limits.h#1 add .. //depot/projects/jail2/sys/sys/jail2_network.h#1 add .. //depot/projects/jail2/sys/sys/jail2_task.h#1 add .. //depot/projects/jail2/sys/sys/kernel.h#2 edit .. //depot/projects/jail2/sys/sys/resourcevar.h#2 edit .. //depot/projects/jail2/sys/sys/systm.h#2 edit .. //depot/projects/jail2/sys/ufs/ufs/dinode.h#2 edit .. //depot/projects/jail2/sys/ufs/ufs/ufs_vnops.c#2 edit .. //depot/projects/jail2/sys/vm/vm_object.c#2 edit .. //depot/projects/jail2/sys/vm/vm_pageout.c#2 edit Differences ... ==== //depot/projects/jail2/sys/amd64/amd64/dump_machdep.c#2 (text+ko) ==== @@ -39,6 +39,10 @@ #include <machine/elf.h> #include <machine/md_var.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + CTASSERT(sizeof(struct kerneldumpheader) == 512); int do_minidump = 1; @@ -118,7 +122,7 @@ kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); + strncpy(kdh->hostname, hostname(), sizeof(kdh->hostname)); strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); if (panicstr != NULL) strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); ==== //depot/projects/jail2/sys/amd64/amd64/minidump_machdep.c#2 (text) ==== @@ -42,6 +42,10 @@ #include <machine/vmparam.h> #include <machine/minidump.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + CTASSERT(sizeof(struct kerneldumpheader) == 512); /* @@ -94,7 +98,7 @@ kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); + strncpy(kdh->hostname, hostname(), sizeof(kdh->hostname)); strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); if (panicstr != NULL) strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); ==== //depot/projects/jail2/sys/arm/arm/dump_machdep.c#2 (text+ko) ==== @@ -41,6 +41,10 @@ #include <machine/pcb.h> #include <machine/armreg.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + CTASSERT(sizeof(struct kerneldumpheader) == 512); /* @@ -116,7 +120,7 @@ kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); + strncpy(kdh->hostname, hostname(), sizeof(kdh->hostname)); strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); if (panicstr != NULL) strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); ==== //depot/projects/jail2/sys/compat/linprocfs/linprocfs.c#2 (text+ko) ==== @@ -48,7 +48,6 @@ #include <sys/conf.h> #include <sys/exec.h> #include <sys/filedesc.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/linker.h> #include <sys/lock.h> @@ -68,6 +67,10 @@ #include <sys/vmmeter.h> #include <sys/vnode.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <net/if.h> #include <vm/vm.h> @@ -688,8 +691,11 @@ struct vnode *rvp; char *fullpath = "unknown"; char *freepath = NULL; - +#ifdef JAIL rvp = jailed(p->p_ucred) ? p->p_fd->fd_jdir : p->p_fd->fd_rdir; +#else + rvp = p->p_fd->fd_rdir; +#endif vn_fullpath(td, rvp, &fullpath, &freepath); sbuf_printf(sb, "%s", fullpath); if (freepath) ==== //depot/projects/jail2/sys/compat/linux/linux_mib.c#2 (text+ko) ==== @@ -35,10 +35,13 @@ #include <sys/sysctl.h> #include <sys/proc.h> #include <sys/malloc.h> -#include <sys/jail.h> #include <sys/lock.h> #include <sys/mutex.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include "opt_compat.h" #ifdef COMPAT_LINUX32 @@ -123,12 +126,14 @@ 0, 0, linux_sysctl_oss_version, "I", "Linux OSS version"); +#ifdef JAIL /* * Returns holding the prison mutex if return non-NULL. */ static struct prison * linux_get_prison(struct thread *td) { + register struct prison *pr; register struct linux_prison *lpr; @@ -137,7 +142,7 @@ return (NULL); pr = td->td_ucred->cr_prison; mtx_lock(&pr->pr_mtx); - if (pr->pr_linux == NULL) { + if (jailed(td->td_ucred)) { /* * If we don't have a linux prison structure yet, allocate * one. We have to handle the race where another thread @@ -153,16 +158,19 @@ free(lpr, M_PRISON); } return (pr); + } +#endif void linux_get_osname(struct thread *td, char *dst) { +#ifdef JAIL register struct prison *pr; register struct linux_prison *lpr; pr = td->td_ucred->cr_prison; - if (pr != NULL) { + if (jailed(td->td_ucred)) { mtx_lock(&pr->pr_mtx); if (pr->pr_linux != NULL) { lpr = (struct linux_prison *)pr->pr_linux; @@ -174,7 +182,7 @@ } mtx_unlock(&pr->pr_mtx); } - +#endif mtx_lock(&osname_lock); bcopy(linux_osname, dst, LINUX_MAX_UTSNAME); mtx_unlock(&osname_lock); @@ -183,6 +191,7 @@ int linux_set_osname(struct thread *td, char *osname) { +#ifdef JAIL struct prison *pr; struct linux_prison *lpr; @@ -196,6 +205,11 @@ strcpy(linux_osname, osname); mtx_unlock(&osname_lock); } +#else + mtx_lock(&osname_lock); + strcpy(linux_osname, osname); + mtx_unlock(&osname_lock); +#endif return (0); } @@ -203,11 +217,12 @@ void linux_get_osrelease(struct thread *td, char *dst) { +#ifdef JAIL register struct prison *pr; struct linux_prison *lpr; pr = td->td_ucred->cr_prison; - if (pr != NULL) { + if (jailed(td->td_ucred)) { mtx_lock(&pr->pr_mtx); if (pr->pr_linux != NULL) { lpr = (struct linux_prison *)pr->pr_linux; @@ -220,7 +235,7 @@ } mtx_unlock(&pr->pr_mtx); } - +#endif mtx_lock(&osname_lock); bcopy(linux_osrelease, dst, LINUX_MAX_UTSNAME); mtx_unlock(&osname_lock); @@ -229,6 +244,7 @@ int linux_set_osrelease(struct thread *td, char *osrelease) { +#ifdef JAIL struct prison *pr; struct linux_prison *lpr; @@ -242,6 +258,11 @@ strcpy(linux_osrelease, osrelease); mtx_unlock(&osname_lock); } +#else + mtx_lock(&osname_lock); + strcpy(linux_osrelease, osrelease); + mtx_unlock(&osname_lock); +#endif return (0); } @@ -249,12 +270,14 @@ int linux_get_oss_version(struct thread *td) { + int version; +#ifdef JAIL register struct prison *pr; register struct linux_prison *lpr; - int version; + pr = td->td_ucred->cr_prison; - if (pr != NULL) { + if (jailed(td->td_ucred)) { mtx_lock(&pr->pr_mtx); if (pr->pr_linux != NULL) { lpr = (struct linux_prison *)pr->pr_linux; @@ -266,7 +289,7 @@ } mtx_unlock(&pr->pr_mtx); } - +#endif mtx_lock(&osname_lock); version = linux_oss_version; mtx_unlock(&osname_lock); @@ -276,6 +299,7 @@ int linux_set_oss_version(struct thread *td, int oss_version) { +#ifdef JAIL struct prison *pr; struct linux_prison *lpr; @@ -289,6 +313,11 @@ linux_oss_version = oss_version; mtx_unlock(&osname_lock); } +#else + mtx_lock(&osname_lock); + linux_oss_version = oss_version; + mtx_unlock(&osname_lock); +#endif return (0); } ==== //depot/projects/jail2/sys/compat/linux/linux_misc.c#2 (text+ko) ==== @@ -39,7 +39,6 @@ #if defined(__i386__) #include <sys/imgact_aout.h> #endif -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/limits.h> #include <sys/lock.h> @@ -63,6 +62,10 @@ #include <sys/vnode.h> #include <sys/wait.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <vm/vm.h> #include <vm/pmap.h> #include <vm/vm_kern.h> @@ -699,7 +702,11 @@ bzero(&utsname, sizeof(utsname)); strlcpy(utsname.sysname, osname, LINUX_MAX_UTSNAME); +#ifdef JAIL getcredhostname(td->td_ucred, utsname.nodename, LINUX_MAX_UTSNAME); +#else + strlcpy(utsname.nodename, hostname, LINUX_MAX_UTSNAME); +#endif strlcpy(utsname.release, osrelease, LINUX_MAX_UTSNAME); strlcpy(utsname.version, version, LINUX_MAX_UTSNAME); for (p = utsname.version; *p != '\0'; ++p) ==== //depot/projects/jail2/sys/compat/linux/linux_stats.c#2 (text+ko) ==== @@ -37,7 +37,6 @@ #include <sys/file.h> #include <sys/filedesc.h> #include <sys/proc.h> -#include <sys/jail.h> #include <sys/mac.h> #include <sys/malloc.h> #include <sys/mount.h> @@ -49,6 +48,10 @@ #include <sys/conf.h> #include <sys/fcntl.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #ifdef COMPAT_LINUX32 #include <machine/../linux32/linux.h> #include <machine/../linux32/linux32_proto.h> ==== //depot/projects/jail2/sys/compat/svr4/svr4_stat.c#2 (text+ko) ==== @@ -34,7 +34,6 @@ #include <sys/proc.h> #include <sys/stat.h> #include <sys/filedesc.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/malloc.h> #include <sys/unistd.h> @@ -44,6 +43,10 @@ #include <sys/sysproto.h> #include <sys/un.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <vm/vm.h> #include <netinet/in.h> @@ -397,7 +400,11 @@ memset(&sut, 0, sizeof(sut)); strlcpy(sut.sysname, ostype, sizeof(sut.sysname)); +#ifdef JAIL getcredhostname(td->td_ucred, sut.nodename, sizeof(sut.nodename)); +#else + strlcpy(sut.nodename, hostname(), sizeof(sut.nodename)); +#endif strlcpy(sut.release, osrelease, sizeof(sut.release)); strlcpy(sut.version, version, sizeof(sut.version)); strlcpy(sut.machine, machine, sizeof(sut.machine)); @@ -426,7 +433,12 @@ break; case SVR4_SI_HOSTNAME: - str = hostname; + /* XXXX */ +#ifdef JAIL + str = td->td_ucred->cr_prison->pr_host; +#else + str = hostname(); +#endif break; case SVR4_SI_RELEASE: ==== //depot/projects/jail2/sys/conf/NOTES#2 (text+ko) ==== @@ -281,7 +281,9 @@ options SYSVSHM options SYSVSEM options SYSVMSG - +# +# Enable Jail +options JAIL ##################################################################### # DEBUGGING OPTIONS ==== //depot/projects/jail2/sys/conf/files#2 (text+ko) ==== @@ -1283,6 +1283,10 @@ kern/kern_idle.c standard kern/kern_intr.c standard kern/kern_jail.c standard +kern/kern_jail2_common.c optional jail +kern/kern_jail2_network.c optional jail +kern/kern_jail2_resource.c optional jail +kern/kern_jail2_disk.c optional jail kern/kern_kse.c standard kern/kern_kthread.c standard kern/kern_ktr.c optional ktr ==== //depot/projects/jail2/sys/conf/options#2 (text+ko) ==== @@ -723,3 +723,6 @@ # XFS XFS + +# JAIL +JAIL opt_global.h ==== //depot/projects/jail2/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c#2 (text+ko) ==== @@ -107,6 +107,10 @@ #endif extern int ip_optcopy __P((struct ip *, struct ip *)); +#ifdef JAIL +#include <sys/jail.h> +#endif + #if (__FreeBSD_version > 460000) extern int path_mtu_discovery; #endif @@ -460,7 +464,7 @@ friostat_t fio; #if (BSD >= 199306) && defined(_KERNEL) - if ((securelevel >= 3) && (mode & FWRITE)) + if ((securelevel() >= 3) && (mode & FWRITE)) return EPERM; #endif ==== //depot/projects/jail2/sys/contrib/ipfilter/netinet/ip_nat.c#2 (text+ko) ==== @@ -104,6 +104,10 @@ #endif /* END OF INCLUDES */ +#ifdef JAIL +#include <sys/jail.h> +#endif + #undef SOCKADDR_IN #define SOCKADDR_IN struct sockaddr_in @@ -622,7 +626,7 @@ ipnat_t natd; #if (BSD >= 199306) && defined(_KERNEL) - if ((securelevel >= 3) && (mode & FWRITE)) + if ((securelevel() >= 3) && (mode & FWRITE)) return EPERM; #endif ==== //depot/projects/jail2/sys/ddb/db_command.c#2 (text+ko) ==== @@ -564,7 +564,7 @@ * since we're in DDB. */ /* sx_slock(&allproc_lock); */ - LIST_FOREACH(p, &allproc, p_list) + FOREACH_PROC_IN_SYSTEM(p) if (p->p_pid == pid) break; /* sx_sunlock(&allproc_lock); */ ==== //depot/projects/jail2/sys/ddb/db_ps.c#2 (text+ko) ==== @@ -32,7 +32,6 @@ #include <sys/param.h> #include <sys/cons.h> -#include <sys/jail.h> #include <sys/kdb.h> #include <sys/linker_set.h> #include <sys/proc.h> @@ -42,6 +41,10 @@ #include <vm/vm_param.h> #include <vm/pmap.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <ddb/ddb.h> static void dumpthread(volatile struct proc *p, volatile struct thread *td, @@ -179,8 +182,10 @@ /* Cheated here and didn't compare pgid's. */ if (p->p_flag & P_CONTROLT) strlcat(state, "+", sizeof(state)); +#ifdef JAIL if (cred != NULL && jailed(cred)) strlcat(state, "J", sizeof(state)); +#endif db_printf(" %-6.6s ", state); if (p->p_flag & P_HADTHREADS) #ifdef __LP64__ ==== //depot/projects/jail2/sys/dev/firewire/firewire.c#2 (text+ko) ==== @@ -66,6 +66,10 @@ #include <dev/firewire/iec68113.h> #endif +#ifdef JAIL +#include <sys/jail.h> +#endif + struct crom_src_buf { struct crom_src src; struct crom_chunk root; @@ -649,7 +653,7 @@ crom_add_simple_text(src, root, &buf->vendor, "FreeBSD Project"); crom_add_entry(root, CSRKEY_HW, __FreeBSD_version); #endif - crom_add_simple_text(src, root, &buf->hw, hostname); + crom_add_simple_text(src, root, &buf->hw, hostname()); } /* ==== //depot/projects/jail2/sys/dev/hwpmc/hwpmc_mod.c#2 (text+ko) ==== @@ -30,7 +30,6 @@ #include <sys/param.h> #include <sys/eventhandler.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/kthread.h> #include <sys/limits.h> @@ -53,6 +52,10 @@ #include <sys/systm.h> #include <sys/vnode.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <sys/linker.h> /* needs to be after <sys/malloc.h> */ #include <machine/atomic.h> @@ -2783,8 +2786,11 @@ KASSERT(td == curthread, ("[pmc,%d] td != curthread", __LINE__)); - +#ifdef JAIL if (suser(td) || jailed(td->td_ucred)) { +#else + if (suser(td)) { +#endif error = EPERM; break; } @@ -2920,9 +2926,13 @@ */ if (PMC_IS_SYSTEM_MODE(mode)) { +#ifdef JAIL if (jailed(curthread->td_ucred)) error = EPERM; else if (suser(curthread) && +#else + if (suser(curthread) && +#endif (pmc_unprivileged_syspmcs == 0)) error = EPERM; } ==== //depot/projects/jail2/sys/dev/syscons/daemon/daemon_saver.c#2 (text+ko) ==== @@ -37,6 +37,10 @@ #include <sys/consio.h> #include <sys/fbio.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <machine/pc/display.h> #include <dev/fb/fbreg.h> @@ -350,10 +354,12 @@ static int daemon_init(video_adapter_t *adp) { - messagelen = strlen(hostname) + 3 + strlen(ostype) + 1 + + messagelen = strlen(hostname()) + 3 + strlen(ostype) + 1 + strlen(osrelease); + message = malloc(messagelen + 1, M_DEVBUF, M_WAITOK); - sprintf(message, "%s - %s %s", hostname, ostype, osrelease); + sprintf(message, "%s - %s %s", hostname(), ostype, osrelease); + blanked = 0; switch (adp->va_mode) { case M_PC98_80x25: @@ -364,7 +370,6 @@ attr_mask = ~0; break; } - return 0; } ==== //depot/projects/jail2/sys/fs/procfs/procfs_status.c#2 (text+ko) ==== @@ -43,7 +43,6 @@ #include <sys/exec.h> #include <sys/lock.h> #include <sys/mutex.h> -#include <sys/jail.h> #include <sys/malloc.h> #include <sys/mutex.h> #include <sys/sx.h> @@ -53,6 +52,10 @@ #include <sys/sysent.h> #include <sys/tty.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <vm/vm.h> #include <vm/pmap.h> #include <vm/vm_param.h> @@ -155,7 +158,8 @@ for (i = 0; i < cr->cr_ngroups; i++) { sbuf_printf(sb, ",%lu", (u_long)cr->cr_groups[i]); } - + +#ifdef JAIL if (jailed(p->p_ucred)) { mtx_lock(&p->p_ucred->cr_prison->pr_mtx); sbuf_printf(sb, " %s", p->p_ucred->cr_prison->pr_host); @@ -163,6 +167,9 @@ } else { sbuf_printf(sb, " -"); } +#else + sbuf_printf(sb, " -"); +#endif PROC_UNLOCK(p); sbuf_printf(sb, "\n"); ==== //depot/projects/jail2/sys/geom/vinum/geom_vinum_drive.c#2 (text+ko) ==== @@ -42,6 +42,10 @@ #include <sys/systm.h> #include <sys/time.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <geom/geom.h> #include <geom/vinum/geom_vinum_var.h> #include <geom/vinum/geom_vinum.h> @@ -61,8 +65,8 @@ vhdr = g_malloc(sizeof(*vhdr), M_WAITOK | M_ZERO); vhdr->magic = GV_MAGIC; vhdr->config_length = GV_CFG_LEN; - - bcopy(hostname, vhdr->label.sysname, GV_HOSTNAME_LEN); + + bcopy(hostname(), vhdr->label.sysname, GV_HOSTNAME_LEN); strncpy(vhdr->label.name, d->name, GV_MAXDRIVENAME); microtime(&vhdr->label.date_of_birth); ==== //depot/projects/jail2/sys/i386/i386/dump_machdep.c#2 (text+ko) ==== @@ -39,6 +39,10 @@ #include <machine/elf.h> #include <machine/md_var.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + CTASSERT(sizeof(struct kerneldumpheader) == 512); int do_minidump = 1; @@ -118,7 +122,7 @@ kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); + strncpy(kdh->hostname, hostname(), sizeof(kdh->hostname)); strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); if (panicstr != NULL) strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); ==== //depot/projects/jail2/sys/i386/i386/minidump_machdep.c#2 (text) ==== @@ -42,6 +42,10 @@ #include <machine/vmparam.h> #include <machine/minidump.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + CTASSERT(sizeof(struct kerneldumpheader) == 512); /* @@ -92,7 +96,7 @@ kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); + strncpy(kdh->hostname, hostname(), sizeof(kdh->hostname)); strncpy(kdh->versionstring, version, sizeof(kdh->versionstring)); if (panicstr != NULL) strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring)); ==== //depot/projects/jail2/sys/i386/i386/pmap.c#2 (text+ko) ==== @@ -3401,7 +3401,7 @@ int index; sx_slock(&allproc_lock); - LIST_FOREACH(p, &allproc, p_list) { + FOREACH_PROC_IN_SYSTEM(p) { if (p->p_pid != pid) continue; ==== //depot/projects/jail2/sys/i386/ibcs2/ibcs2_socksys.c#2 (text+ko) ==== @@ -29,10 +29,13 @@ #include <sys/param.h> #include <sys/systm.h> #include <sys/sysproto.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/sysctl.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <i386/ibcs2/ibcs2_socksys.h> #include <i386/ibcs2/ibcs2_util.h> @@ -150,8 +153,6 @@ int len; /* Get the domain name */ - getcredhostname(td->td_ucred, hname, sizeof(hname)); - dptr = index(hname, '.'); if ( dptr ) dptr++; @@ -177,12 +178,17 @@ if ((error = suser(td))) return (error); + + /* Get the host's unqualified name (strip off the domain) */ +#ifdef JAIL + getcredhostname(td->td_ucred, hname, sizeof(hname)); +#else + strlcpy(hname, hostname, sizeof(hname)); +#endif /* W/out a hostname a domain-name is nonsense */ - if ( strlen(hostname) == 0 ) + if ( strlen(hname) == 0 ) return EINVAL; - /* Get the host's unqualified name (strip off the domain) */ - snprintf(hname, sizeof(hname), "%s", hostname); ptr = index(hname, '.'); if ( ptr != NULL ) { ptr++; ==== //depot/projects/jail2/sys/i386/ibcs2/ibcs2_stat.c#2 (text+ko) ==== @@ -35,7 +35,6 @@ #include <sys/file.h> #include <sys/stat.h> #include <sys/filedesc.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/mount.h> #include <sys/malloc.h> @@ -44,6 +43,10 @@ #include <sys/sysctl.h> #include <sys/sysproto.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <i386/ibcs2/ibcs2_signal.h> #include <i386/ibcs2/ibcs2_stat.h> #include <i386/ibcs2/ibcs2_statfs.h> @@ -210,8 +213,13 @@ IBCS2_UNAME_RELEASE, sizeof(sut.release) - 1); strncpy(sut.version, IBCS2_UNAME_VERSION, sizeof(sut.version) - 1); +#ifdef JAIL getcredhostname(td->td_ucred, machine_name, sizeof(machine_name) - 1); +#else + strlcpy(machine_name, hostname, sizeof(machine_name) - 1); +#endif + p = index(machine_name, '.'); if ( p ) *p = '\0'; ==== //depot/projects/jail2/sys/i386/ibcs2/ibcs2_sysvec.c#2 (text+ko) ==== @@ -110,7 +110,7 @@ case MOD_UNLOAD: /* if this was an ELF module we'd use elf_brand_inuse()... */ sx_slock(&allproc_lock); - LIST_FOREACH(p, &allproc, p_list) { + FOREACH_PROC_IN_SYSTEM(p) { if (p->p_sysent == &ibcs2_svr3_sysvec) { rval = EBUSY; break; ==== //depot/projects/jail2/sys/i386/ibcs2/ibcs2_xenix.c#2 (text+ko) ==== @@ -35,7 +35,6 @@ #include <sys/systm.h> #include <sys/namei.h> #include <sys/sysproto.h> -#include <sys/jail.h> #include <sys/kernel.h> #include <sys/malloc.h> #include <sys/filio.h> @@ -44,6 +43,10 @@ #include <sys/sysctl.h> #include <sys/unistd.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + #include <machine/cpu.h> #include <i386/ibcs2/ibcs2_types.h> @@ -171,8 +174,12 @@ bzero(&ibcs2_sco_uname, sizeof(struct ibcs2_sco_utsname)); strncpy(ibcs2_sco_uname.sysname, ostype, sizeof(ibcs2_sco_uname.sysname) - 1); +#ifdef JAIL getcredhostname(td->td_ucred, ibcs2_sco_uname.nodename, sizeof(ibcs2_sco_uname.nodename) - 1); +#else + strlcpy(ibcs2_sco_uname.nodename, hostname(), sizeof(ibcs2_sco_uname.nodename)-1); +#endif strncpy(ibcs2_sco_uname.release, osrelease, sizeof(ibcs2_sco_uname.release) - 1); strncpy(ibcs2_sco_uname.kernelid, version, ==== //depot/projects/jail2/sys/ia64/ia64/dump_machdep.c#2 (text+ko) ==== @@ -39,6 +39,10 @@ #include <machine/elf.h> #include <machine/md_var.h> +#ifdef JAIL +#include <sys/jail.h> +#endif + CTASSERT(sizeof(struct kerneldumpheader) == 512); /* @@ -73,7 +77,7 @@ kdh->dumplength = htod64(dumplen); kdh->dumptime = htod64(time_second); kdh->blocksize = htod32(blksz); - strncpy(kdh->hostname, hostname, sizeof(kdh->hostname)); + strncpy(kdh->hostname, hostname(), sizeof(kdh->hostname)); >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606171553.k5HFrUZ3067289>