From owner-svn-src-head@FreeBSD.ORG Fri May 29 21:27:13 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6067F1065678; Fri, 29 May 2009 21:27:13 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 4A6C48FC1E; Fri, 29 May 2009 21:27:13 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n4TLRD1p087286; Fri, 29 May 2009 21:27:13 GMT (envelope-from jamie@svn.freebsd.org) Received: (from jamie@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n4TLRCMU087261; Fri, 29 May 2009 21:27:12 GMT (envelope-from jamie@svn.freebsd.org) Message-Id: <200905292127.n4TLRCMU087261@svn.freebsd.org> From: Jamie Gritton Date: Fri, 29 May 2009 21:27:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r193066 - in head: sys/amd64/amd64 sys/arm/arm sys/cddl/compat/opensolaris/kern sys/compat/linux sys/compat/svr4 sys/ddb sys/dev/firewire sys/dev/syscons/daemon sys/fs/cd9660 sys/fs/nfs... X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 21:27:13 -0000 Author: jamie Date: Fri May 29 21:27:12 2009 New Revision: 193066 URL: http://svn.freebsd.org/changeset/base/193066 Log: Place hostnames and similar information fully under the prison system. The system hostname is now stored in prison0, and the global variable "hostname" has been removed, as has the hostname_mtx mutex. Jails may have their own host information, or they may inherit it from the parent/system. The proper way to read the hostname is via getcredhostname(), which will copy either the hostname associated with the passed cred, or the system hostname if you pass NULL. The system hostname can still be accessed directly (and without locking) at prison0.pr_host, but that should be avoided where possible. The "similar information" referred to is domainname, hostid, and hostuuid, which have also become prison parameters and had their associated global variables removed. Approved by: bz (mentor) Modified: head/sys/amd64/amd64/dump_machdep.c head/sys/amd64/amd64/minidump_machdep.c head/sys/arm/arm/dump_machdep.c head/sys/cddl/compat/opensolaris/kern/opensolaris.c head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.c head/sys/compat/linux/linux_misc.c head/sys/compat/svr4/svr4_stat.c head/sys/ddb/db_textdump.c head/sys/dev/firewire/firewire.c head/sys/dev/syscons/daemon/daemon_saver.c head/sys/fs/cd9660/cd9660_rrip.c head/sys/fs/nfs/nfsport.h head/sys/fs/nfsclient/nfs_clstate.c head/sys/fs/nfsclient/nfs_clvfsops.c head/sys/geom/vinum/geom_vinum_create.c head/sys/geom/vinum/geom_vinum_drive.c head/sys/i386/i386/dump_machdep.c head/sys/i386/i386/minidump_machdep.c head/sys/i386/ibcs2/ibcs2_socksys.c head/sys/ia64/ia64/dump_machdep.c head/sys/kern/kern_jail.c head/sys/kern/kern_mib.c head/sys/kern/kern_shutdown.c head/sys/kern/kern_xxx.c head/sys/kgssapi/gsstest.c head/sys/netinet6/icmp6.c head/sys/netinet6/in6_ifattach.c head/sys/nfsclient/bootp_subr.c head/sys/nfsclient/nfs_vfsops.c head/sys/nfsserver/nfs_srvkrpc.c head/sys/nlm/nlm_advlock.c head/sys/rpc/authunix_prot.c head/sys/sparc64/sparc64/dump_machdep.c head/sys/sun4v/sun4v/dump_machdep.c head/sys/sys/jail.h head/sys/sys/kernel.h head/sys/sys/priv.h head/sys/sys/vimage.h head/usr.sbin/jail/jail.8 Modified: head/sys/amd64/amd64/dump_machdep.c ============================================================================== --- head/sys/amd64/amd64/dump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/amd64/amd64/dump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -34,7 +34,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include Modified: head/sys/amd64/amd64/minidump_machdep.c ============================================================================== --- head/sys/amd64/amd64/minidump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/amd64/amd64/minidump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -34,7 +34,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include Modified: head/sys/arm/arm/dump_machdep.c ============================================================================== --- head/sys/arm/arm/dump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/arm/arm/dump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -35,7 +35,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris.c ============================================================================== --- head/sys/cddl/compat/opensolaris/kern/opensolaris.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/cddl/compat/opensolaris/kern/opensolaris.c Fri May 29 21:27:12 2009 (r193066) @@ -31,11 +31,11 @@ #include #include #include +#include #include #include #include #include -#include cpu_core_t cpu_core[MAXCPU]; kmutex_t cpu_lock; @@ -83,7 +83,7 @@ opensolaris_modevent(module_t mod __unus switch (type) { case MOD_LOAD: - utsname.nodename = G_hostname; + utsname.nodename = prison0.pr_host; break; case MOD_UNLOAD: Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.c ============================================================================== --- head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.c Fri May 29 21:27:12 2009 (r193066) @@ -28,6 +28,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include #include @@ -57,7 +58,7 @@ ddi_strtoul(const char *str, char **nptr { if (str == hw_serial) { - *result = hostid; + *result = prison0.pr_hostid; return (0); } Modified: head/sys/compat/linux/linux_misc.c ============================================================================== --- head/sys/compat/linux/linux_misc.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/compat/linux/linux_misc.c Fri May 29 21:27:12 2009 (r193066) @@ -64,7 +64,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -715,10 +714,10 @@ linux_times(struct thread *td, struct li int linux_newuname(struct thread *td, struct linux_newuname_args *args) { - INIT_VPROCG(TD_TO_VPROCG(td)); struct l_new_utsname utsname; char osname[LINUX_MAX_UTSNAME]; char osrelease[LINUX_MAX_UTSNAME]; + struct prison *pr; char *p; #ifdef DEBUG @@ -741,9 +740,10 @@ linux_newuname(struct thread *td, struct } strlcpy(utsname.machine, linux_platform, LINUX_MAX_UTSNAME); - mtx_lock(&hostname_mtx); - strlcpy(utsname.domainname, V_domainname, LINUX_MAX_UTSNAME); - mtx_unlock(&hostname_mtx); + pr = td->td_ucred->cr_prison; + mtx_lock(&pr->pr_mtx); + strlcpy(utsname.domainname, pr->pr_domain, LINUX_MAX_UTSNAME); + mtx_unlock(&pr->pr_mtx); return (copyout(&utsname, args->buf, sizeof(utsname))); } Modified: head/sys/compat/svr4/svr4_stat.c ============================================================================== --- head/sys/compat/svr4/svr4_stat.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/compat/svr4/svr4_stat.c Fri May 29 21:27:12 2009 (r193066) @@ -43,7 +43,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -386,7 +385,7 @@ svr4_ustat(td, uap) return 0; } -/*extern char ostype[], hostname[], osrelease[], version[], machine[];*/ +/*extern char ostype[], osrelease[], version[], machine[];*/ int svr4_sys_uname(td, uap) @@ -412,15 +411,12 @@ svr4_sys_systeminfo(td, uap) struct thread *td; struct svr4_sys_systeminfo_args *uap; { - INIT_VPROCG(TD_TO_VPROCG(td)); + struct prison *pr; char *str = NULL; int error = 0; register_t *retval = td->td_retval; size_t len = 0; - char buf[11]; /* XXX NetBSD uses 256, but we use 11 - here as that seems like awfully - excessive kstack usage for hostid - string... */ + char buf[MAXHOSTNAMELEN]; u_int rlen = uap->len; switch (uap->what) { @@ -429,7 +425,8 @@ svr4_sys_systeminfo(td, uap) break; case SVR4_SI_HOSTNAME: - str = V_hostname; + getcredhostname(td->td_ucred, buf, sizeof(buf)); + str = buf; break; case SVR4_SI_RELEASE: @@ -470,8 +467,11 @@ svr4_sys_systeminfo(td, uap) break; case SVR4_SI_SRPC_DOMAIN: - /* XXXRW: locking? */ - str = V_domainname; + pr = td->td_ucred->cr_prison; + mtx_lock(&pr->pr_mtx); + strlcpy(buf, pr->pr_domain, sizeof(buf)); + mtx_unlock(&pr->pr_mtx); + str = buf; break; case SVR4_SI_PLATFORM: Modified: head/sys/ddb/db_textdump.c ============================================================================== --- head/sys/ddb/db_textdump.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/ddb/db_textdump.c Fri May 29 21:27:12 2009 (r193066) @@ -68,7 +68,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include Modified: head/sys/dev/firewire/firewire.c ============================================================================== --- head/sys/dev/firewire/firewire.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/dev/firewire/firewire.c Fri May 29 21:27:12 2009 (r193066) @@ -39,13 +39,13 @@ #include #include +#include #include #include #include #include #include #include -#include #include @@ -723,7 +723,9 @@ fw_reset_crom(struct firewire_comm *fc) crom_add_simple_text(src, root, &buf->vendor, "FreeBSD Project"); crom_add_entry(root, CSRKEY_HW, __FreeBSD_version); #endif - crom_add_simple_text(src, root, &buf->hw, G_hostname); + mtx_lock(&prison0.pr_mtx); + crom_add_simple_text(src, root, &buf->hw, prison0.pr_host); + mtx_unlock(&prison0.pr_mtx); } /* Modified: head/sys/dev/syscons/daemon/daemon_saver.c ============================================================================== --- head/sys/dev/syscons/daemon/daemon_saver.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/dev/syscons/daemon/daemon_saver.c Fri May 29 21:27:12 2009 (r193066) @@ -32,11 +32,11 @@ #include #include #include +#include #include #include #include #include -#include #include @@ -352,11 +352,12 @@ static int daemon_init(video_adapter_t *adp) { - /* XXXRW: Locking -- these can change! */ - messagelen = strlen(G_hostname) + 3 + strlen(ostype) + 1 + + mtx_lock(&prison0.pr_mtx); + messagelen = strlen(prison0.pr_host) + 3 + strlen(ostype) + 1 + strlen(osrelease); message = malloc(messagelen + 1, M_DEVBUF, M_WAITOK); - sprintf(message, "%s - %s %s", G_hostname, ostype, osrelease); + sprintf(message, "%s - %s %s", prison0.pr_host, ostype, osrelease); + mtx_unlock(&prison0.pr_mtx); blanked = 0; switch (adp->va_mode) { case M_PC98_80x25: Modified: head/sys/fs/cd9660/cd9660_rrip.c ============================================================================== --- head/sys/fs/cd9660/cd9660_rrip.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/fs/cd9660/cd9660_rrip.c Fri May 29 21:27:12 2009 (r193066) @@ -41,10 +41,10 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include -#include #include #include @@ -114,11 +114,11 @@ cd9660_rrip_slink(p,ana) ISO_RRIP_SLINK *p; ISO_RRIP_ANALYZE *ana; { - INIT_VPROCG(TD_TO_VPROCG(curthread)); ISO_RRIP_SLINK_COMPONENT *pcomp; ISO_RRIP_SLINK_COMPONENT *pcompe; int len, wlen, cont; char *outbuf, *inbuf; + char hostbuf[MAXHOSTNAMELEN]; pcomp = (ISO_RRIP_SLINK_COMPONENT *)p->component; pcompe = (ISO_RRIP_SLINK_COMPONENT *)((char *)p + isonum_711(p->h.length)); @@ -172,10 +172,11 @@ cd9660_rrip_slink(p,ana) break; case ISO_SUSP_CFLAG_HOST: - /* XXXRW: locking. */ /* Inserting hostname i.e. "kurt.tools.de" */ - inbuf = V_hostname; - wlen = strlen(V_hostname); + getcredhostname(curthread->td_ucred, hostbuf, + sizeof(hostbuf)); + inbuf = hostbuf; + wlen = strlen(inbuf); break; case ISO_SUSP_CFLAG_CONTINUE: @@ -225,10 +226,10 @@ cd9660_rrip_altname(p,ana) ISO_RRIP_ALTNAME *p; ISO_RRIP_ANALYZE *ana; { - INIT_VPROCG(TD_TO_VPROCG(curthread)); char *inbuf; int wlen; int cont; + char hostbuf[MAXHOSTNAMELEN]; inbuf = ".."; wlen = 0; @@ -246,10 +247,10 @@ cd9660_rrip_altname(p,ana) break; case ISO_SUSP_CFLAG_HOST: - /* XXXRW: locking. */ /* Inserting hostname i.e. "kurt.tools.de" */ - inbuf = V_hostname; - wlen = strlen(V_hostname); + getcredhostname(curthread->td_ucred, hostbuf, sizeof(hostbuf)); + inbuf = hostbuf; + wlen = strlen(inbuf); break; case ISO_SUSP_CFLAG_CONTINUE: Modified: head/sys/fs/nfs/nfsport.h ============================================================================== --- head/sys/fs/nfs/nfsport.h Fri May 29 21:17:22 2009 (r193065) +++ head/sys/fs/nfs/nfsport.h Fri May 29 21:27:12 2009 (r193066) @@ -49,6 +49,7 @@ #include #include #include +#include #include #include #include Modified: head/sys/fs/nfsclient/nfs_clstate.c ============================================================================== --- head/sys/fs/nfsclient/nfs_clstate.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/fs/nfsclient/nfs_clstate.c Fri May 29 21:27:12 2009 (r193066) @@ -675,10 +675,16 @@ nfscl_getcl(vnode_t vp, struct ucred *cr struct nfsclclient *newclp; struct nfscllockowner *lp, *nlp; struct nfsmount *nmp = VFSTONFS(vnode_mount(vp)); + struct prison *pr; + char uuid[HOSTUUIDLEN]; int igotlock = 0, error, trystalecnt, clidinusedelay, i; u_int16_t idlen; - idlen = strlen(hostuuid); + pr = cred->cr_prison; + mtx_lock(&pr->pr_mtx); + strlcpy(uuid, pr->pr_uuid, sizeof uuid); + mtx_unlock(&pr->pr_mtx); + idlen = strlen(uuid); if (idlen > 0) idlen += sizeof (u_int64_t); else @@ -699,7 +705,7 @@ nfscl_getcl(vnode_t vp, struct ucred *cr clp->nfsc_flags = NFSCLFLAGS_INITED; clp->nfsc_clientidrev = 1; clp->nfsc_cbident = nfscl_nextcbident(); - nfscl_fillclid(nmp->nm_clval, hostuuid, clp->nfsc_id, + nfscl_fillclid(nmp->nm_clval, uuid, clp->nfsc_id, clp->nfsc_idlen); LIST_INSERT_HEAD(&nfsclhead, clp, nfsc_list); nmp->nm_clp = clp; Modified: head/sys/fs/nfsclient/nfs_clvfsops.c ============================================================================== --- head/sys/fs/nfsclient/nfs_clvfsops.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/fs/nfsclient/nfs_clvfsops.c Fri May 29 21:27:12 2009 (r193066) @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -368,12 +369,11 @@ int ncl_mountroot(struct mount *mp) { struct thread *td = curthread; - INIT_VPROCG(TD_TO_VPROCG(td)); struct nfsv3_diskless *nd = &newnfsv3_diskless; struct socket *so; struct vnode *vp; struct ifreq ir; - int error, i; + int error; u_long l; char buf[128]; char *cp; @@ -477,13 +477,9 @@ ncl_mountroot(struct mount *mp) * set hostname here and then let the "/etc/rc.xxx" files * mount the right /var based upon its preset value. */ - mtx_lock(&hostname_mtx); - bcopy(nd->my_hostnam, V_hostname, MAXHOSTNAMELEN); - V_hostname[MAXHOSTNAMELEN - 1] = '\0'; - for (i = 0; i < MAXHOSTNAMELEN; i++) - if (V_hostname[i] == '\0') - break; - mtx_unlock(&hostname_mtx); + mtx_lock(&prison0.pr_mtx); + strlcpy(prison0.pr_host, nd->my_hostnam, sizeof(prison0.pr_host)); + mtx_unlock(&prison0.pr_mtx); inittodr(ntohl(nd->root_time)); return (0); } Modified: head/sys/geom/vinum/geom_vinum_create.c ============================================================================== --- head/sys/geom/vinum/geom_vinum_create.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/geom/vinum/geom_vinum_create.c Fri May 29 21:27:12 2009 (r193066) @@ -31,10 +31,10 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include -#include #include #include @@ -157,9 +157,7 @@ gv_create_drive(struct gv_softc *sc, str hdr = g_malloc(sizeof(*hdr), M_WAITOK | M_ZERO); hdr->magic = GV_MAGIC; hdr->config_length = GV_CFG_LEN; - mtx_lock(&hostname_mtx); - bcopy(G_hostname, hdr->label.sysname, GV_HOSTNAME_LEN); - mtx_unlock(&hostname_mtx); + getcredhostname(NULL, hdr->label.sysname, GV_HOSTNAME_LEN); strlcpy(hdr->label.name, d->name, sizeof(hdr->label.name)); microtime(&hdr->label.date_of_birth); d->hdr = hdr; Modified: head/sys/geom/vinum/geom_vinum_drive.c ============================================================================== --- head/sys/geom/vinum/geom_vinum_drive.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/geom/vinum/geom_vinum_drive.c Fri May 29 21:27:12 2009 (r193066) @@ -30,7 +30,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include Modified: head/sys/i386/i386/dump_machdep.c ============================================================================== --- head/sys/i386/i386/dump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/i386/i386/dump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -34,7 +34,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include Modified: head/sys/i386/i386/minidump_machdep.c ============================================================================== --- head/sys/i386/i386/minidump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/i386/i386/minidump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -34,7 +34,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include Modified: head/sys/i386/ibcs2/ibcs2_socksys.c ============================================================================== --- head/sys/i386/ibcs2/ibcs2_socksys.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/i386/ibcs2/ibcs2_socksys.c Fri May 29 21:27:12 2009 (r193066) @@ -31,10 +31,7 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include -#include #include -#include #include #include @@ -152,7 +149,7 @@ ibcs2_getipdomainname(td, uap) char hname[MAXHOSTNAMELEN], *dptr; int len; - /* Get the domain name */ + /* Get the domain name. */ getcredhostname(td->td_ucred, hname, sizeof(hname)); dptr = index(hname, '.'); @@ -174,20 +171,17 @@ ibcs2_setipdomainname(td, uap) struct thread *td; struct setipdomainname_args *uap; { - INIT_VPROCG(TD_TO_VPROCG(td)); char hname[MAXHOSTNAMELEN], *ptr; int error, sctl[2], hlen; + /* Get the domain name */ + getcredhostname(td->td_ucred, hname, sizeof(hname)); + /* W/out a hostname a domain-name is nonsense */ - mtx_lock(&hostname_mtx); - if ( strlen(V_hostname) == 0 ) { - mtx_unlock(&hostname_mtx); + if ( strlen(hname) == 0 ) return EINVAL; - } /* Get the host's unqualified name (strip off the domain) */ - snprintf(hname, sizeof(hname), "%s", V_hostname); - mtx_unlock(&hostname_mtx); ptr = index(hname, '.'); if ( ptr != NULL ) { ptr++; Modified: head/sys/ia64/ia64/dump_machdep.c ============================================================================== --- head/sys/ia64/ia64/dump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/ia64/ia64/dump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -33,7 +33,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include Modified: head/sys/kern/kern_jail.c ============================================================================== --- head/sys/kern/kern_jail.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/kern/kern_jail.c Fri May 29 21:27:12 2009 (r193066) @@ -29,6 +29,7 @@ #include __FBSDID("$FreeBSD$"); +#include "opt_compat.h" #include "opt_ddb.h" #include "opt_inet.h" #include "opt_inet6.h" @@ -50,6 +51,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -79,7 +81,9 @@ struct prison prison0 = { .pr_uref = 1, .pr_path = "/", .pr_securelevel = -1, + .pr_uuid = "00000000-0000-0000-0000-000000000000", .pr_children = LIST_HEAD_INITIALIZER(&prison0.pr_children), + .pr_flags = PR_HOST, .pr_allow = PR_ALLOW_ALL, }; MTX_SYSINIT(prison0, &prison0.pr_mtx, "jail mutex", MTX_DEF); @@ -116,8 +120,9 @@ static int prison_restrict_ip6(struct pr */ static char *pr_flag_names[] = { [0] = "persist", + "host", #ifdef INET - [2] = "ip4", + "ip4", #endif #ifdef INET6 [3] = "ip6", @@ -126,8 +131,9 @@ static char *pr_flag_names[] = { static char *pr_flag_nonames[] = { [0] = "nopersist", + "nohost", #ifdef INET - [2] = "noip4", + "noip4", #endif #ifdef INET6 [3] = "noip6", @@ -453,13 +459,14 @@ kern_jail_set(struct thread *td, struct struct vfsoptlist *opts; struct prison *pr, *deadpr, *mypr, *ppr, *tpr; struct vnode *root; - char *errmsg, *host, *name, *p, *path; + char *domain, *errmsg, *host, *name, *p, *path, *uuid; #if defined(INET) || defined(INET6) void *op; #endif + unsigned long hid; size_t namelen, onamelen; int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos; - int gotenforce, gotslevel, fi, jid, len; + int gotenforce, gothid, gotslevel, fi, jid, len; int slevel, vfslocked; #if defined(INET) || defined(INET6) int ii, ij; @@ -578,6 +585,8 @@ kern_jail_set(struct thread *td, struct else if (error != 0) goto done_free; else { + ch_flags |= PR_HOST; + pr_flags |= PR_HOST; if (len == 0 || host[len - 1] != '\0') { error = EINVAL; goto done_free; @@ -588,6 +597,61 @@ kern_jail_set(struct thread *td, struct } } + error = vfs_getopt(opts, "host.domainname", (void **)&domain, &len); + if (error == ENOENT) + domain = NULL; + else if (error != 0) + goto done_free; + else { + ch_flags |= PR_HOST; + pr_flags |= PR_HOST; + if (len == 0 || domain[len - 1] != '\0') { + error = EINVAL; + goto done_free; + } + if (len > MAXHOSTNAMELEN) { + error = ENAMETOOLONG; + goto done_free; + } + } + + error = vfs_getopt(opts, "host.hostuuid", (void **)&uuid, &len); + if (error == ENOENT) + uuid = NULL; + else if (error != 0) + goto done_free; + else { + ch_flags |= PR_HOST; + pr_flags |= PR_HOST; + if (len == 0 || uuid[len - 1] != '\0') { + error = EINVAL; + goto done_free; + } + if (len > HOSTUUIDLEN) { + error = ENAMETOOLONG; + goto done_free; + } + } + +#ifdef COMPAT_IA32 + if (td->td_proc->p_sysent->sv_flags & SV_IA32) { + uint32_t hid32; + + error = vfs_copyopt(opts, "host.hostid", &hid32, sizeof(hid32)); + hid = hid32; + } else +#endif + error = vfs_copyopt(opts, "host.hostid", &hid, sizeof(hid)); + if (error == ENOENT) + gothid = 0; + else if (error != 0) + goto done_free; + else { + gothid = 1; + ch_flags |= PR_HOST; + pr_flags |= PR_HOST; + } + /* This might be the second time around for this option. */ #ifdef INET error = vfs_getopt(opts, "ip4.addr", &op, &ip4s); @@ -1000,6 +1064,16 @@ kern_jail_set(struct thread *td, struct /* Set some default values, and inherit some from the parent. */ if (name == NULL) name = ""; + if (host != NULL || domain != NULL || uuid != NULL || gothid) { + if (host == NULL) + host = ppr->pr_host; + if (domain == NULL) + domain = ppr->pr_domain; + if (uuid == NULL) + uuid = ppr->pr_uuid; + if (!gothid) + hid = ppr->pr_hostid; + } if (path == NULL) { path = "/"; root = mypr->pr_root; @@ -1436,8 +1510,50 @@ kern_jail_set(struct thread *td, struct strlcpy(pr->pr_path, path, sizeof(pr->pr_path)); pr->pr_root = root; } - if (host != NULL) - strlcpy(pr->pr_host, host, sizeof(pr->pr_host)); + if (PR_HOST & ch_flags & ~pr_flags) { + if (pr->pr_flags & PR_HOST) { + /* + * Copy the parent's host info. As with pr_ip4 above, + * the lack of a lock on the parent is not a problem; + * it is always set with allprison_lock at least + * shared, and is held exclusively here. + */ + strlcpy(pr->pr_host, pr->pr_parent->pr_host, + sizeof(pr->pr_host)); + strlcpy(pr->pr_domain, pr->pr_parent->pr_domain, + sizeof(pr->pr_domain)); + strlcpy(pr->pr_uuid, pr->pr_parent->pr_uuid, + sizeof(pr->pr_uuid)); + pr->pr_hostid = pr->pr_parent->pr_hostid; + } + } else if (host != NULL || domain != NULL || uuid != NULL || gothid) { + /* Set this prison, and any descendants without PR_HOST. */ + if (host != NULL) + strlcpy(pr->pr_host, host, sizeof(pr->pr_host)); + if (domain != NULL) + strlcpy(pr->pr_domain, domain, sizeof(pr->pr_domain)); + if (uuid != NULL) + strlcpy(pr->pr_uuid, uuid, sizeof(pr->pr_uuid)); + if (gothid) + pr->pr_hostid = hid; + FOREACH_PRISON_DESCENDANT_LOCKED(pr, tpr, descend) { + if (tpr->pr_flags & PR_HOST) + descend = 0; + else { + if (host != NULL) + strlcpy(tpr->pr_host, pr->pr_host, + sizeof(tpr->pr_host)); + if (domain != NULL) + strlcpy(tpr->pr_domain, pr->pr_domain, + sizeof(tpr->pr_domain)); + if (uuid != NULL) + strlcpy(tpr->pr_uuid, pr->pr_uuid, + sizeof(tpr->pr_uuid)); + if (gothid) + tpr->pr_hostid = hid; + } + } + } if ((tallow = ch_allow & ~pr_allow)) { /* Clear allow bits in all children. */ FOREACH_PRISON_DESCENDANT_LOCKED(pr, tpr, descend) @@ -1753,6 +1869,23 @@ kern_jail_get(struct thread *td, struct error = vfs_setopts(opts, "host.hostname", pr->pr_host); if (error != 0 && error != ENOENT) goto done_deref; + error = vfs_setopts(opts, "host.domainname", pr->pr_domain); + if (error != 0 && error != ENOENT) + goto done_deref; + error = vfs_setopts(opts, "host.hostuuid", pr->pr_uuid); + if (error != 0 && error != ENOENT) + goto done_deref; +#ifdef COMPAT_IA32 + if (td->td_proc->p_sysent->sv_flags & SV_IA32) { + uint32_t hid32 = pr->pr_hostid; + + error = vfs_setopt(opts, "host.hostid", &hid32, sizeof(hid32)); + } else +#endif + error = vfs_setopt(opts, "host.hostid", &pr->pr_hostid, + sizeof(pr->pr_hostid)); + if (error != 0 && error != ENOENT) + goto done_deref; error = vfs_setopt(opts, "enforce_statfs", &pr->pr_enforce_statfs, sizeof(pr->pr_enforce_statfs)); if (error != 0 && error != ENOENT) @@ -3072,17 +3205,12 @@ jailed(struct ucred *cred) void getcredhostname(struct ucred *cred, char *buf, size_t size) { - INIT_VPROCG(cred->cr_vimage->v_procg); + struct prison *pr; - if (jailed(cred)) { - mtx_lock(&cred->cr_prison->pr_mtx); - strlcpy(buf, cred->cr_prison->pr_host, size); - mtx_unlock(&cred->cr_prison->pr_mtx); - } else { - mtx_lock(&hostname_mtx); - strlcpy(buf, V_hostname, size); - mtx_unlock(&hostname_mtx); - } + pr = (cred != NULL) ? cred->cr_prison : &prison0; + mtx_lock(&pr->pr_mtx); + strlcpy(buf, pr->pr_host, size); + mtx_unlock(&pr->pr_mtx); } /* @@ -3683,8 +3811,16 @@ SYSCTL_JAIL_PARAM(, dying, CTLTYPE_INT | "B", "Jail is in the process of shutting down"); SYSCTL_JAIL_PARAM_NODE(host, "Jail host info"); +SYSCTL_JAIL_PARAM(, nohost, CTLTYPE_INT | CTLFLAG_RW, + "BN", "Jail w/ no host info"); SYSCTL_JAIL_PARAM_STRING(_host, hostname, CTLFLAG_RW, MAXHOSTNAMELEN, "Jail hostname"); +SYSCTL_JAIL_PARAM_STRING(_host, domainname, CTLFLAG_RW, MAXHOSTNAMELEN, + "Jail NIS domainname"); +SYSCTL_JAIL_PARAM_STRING(_host, hostuuid, CTLFLAG_RW, HOSTUUIDLEN, + "Jail host UUID"); +SYSCTL_JAIL_PARAM(_host, hostid, CTLTYPE_ULONG | CTLFLAG_RW, + "LU", "Jail host ID"); SYSCTL_JAIL_PARAM_NODE(cpuset, "Jail cpuset"); SYSCTL_JAIL_PARAM(_cpuset, id, CTLTYPE_INT | CTLFLAG_RD, "I", "Jail cpuset ID"); @@ -3762,6 +3898,9 @@ db_show_prison(struct prison *pr) db_printf("\n"); db_printf(" enforce_statfs = %d\n", pr->pr_enforce_statfs); db_printf(" host.hostname = %s\n", pr->pr_host); + db_printf(" host.domainname = %s\n", pr->pr_domain); + db_printf(" host.hostuuid = %s\n", pr->pr_uuid); + db_printf(" host.hostid = %lu\n", pr->pr_hostid); #ifdef INET db_printf(" ip4s = %d\n", pr->pr_ip4s); for (ii = 0; ii < pr->pr_ip4s; ii++) Modified: head/sys/kern/kern_mib.c ============================================================================== --- head/sys/kern/kern_mib.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/kern/kern_mib.c Fri May 29 21:27:12 2009 (r193066) @@ -54,7 +54,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0, "Sysctl internal magic"); @@ -209,71 +208,69 @@ static char machine_arch[] = MACHINE_ARC SYSCTL_STRING(_hw, HW_MACHINE_ARCH, machine_arch, CTLFLAG_RD, machine_arch, 0, "System architecture"); -#ifdef VIMAGE_GLOBALS -char hostname[MAXHOSTNAMELEN]; -#endif - -/* - * This mutex is used to protect the hostname and domainname variables, and - * perhaps in the future should also protect hostid, hostuid, and others. - */ -struct mtx hostname_mtx; -MTX_SYSINIT(hostname_mtx, &hostname_mtx, "hostname", MTX_DEF); - static int sysctl_hostname(SYSCTL_HANDLER_ARGS) { - INIT_VPROCG(TD_TO_VPROCG(req->td)); - struct prison *pr; - char tmphostname[MAXHOSTNAMELEN]; - int error; + struct prison *pr, *cpr; + size_t pr_offset; + char tmpname[MAXHOSTNAMELEN]; + int descend, error, len; + + /* + * This function can set: hostname domainname hostuuid. + * Keep that in mind when comments say "hostname". + */ + pr_offset = (size_t)arg1; + len = arg2; + KASSERT(len <= sizeof(tmpname), + ("length %d too long for %s", len, __func__)); pr = req->td->td_ucred->cr_prison; - if (pr != &prison0) { - if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) - return (EPERM); + if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) + return (EPERM); + /* + * Make a local copy of hostname to get/set so we don't have to hold + * the jail mutex during the sysctl copyin/copyout activities. + */ + mtx_lock(&pr->pr_mtx); + bcopy((char *)pr + pr_offset, tmpname, len); + mtx_unlock(&pr->pr_mtx); + + error = sysctl_handle_string(oidp, tmpname, len, req); + + if (req->newptr != NULL && error == 0) { /* - * Process is in jail, so make a local copy of jail - * hostname to get/set so we don't have to hold the jail - * mutex during the sysctl copyin/copyout activities. + * Copy the locally set hostname to all jails that share + * this host info. */ + sx_slock(&allprison_lock); + while (!(pr->pr_flags & PR_HOST)) + pr = pr->pr_parent; mtx_lock(&pr->pr_mtx); - bcopy(pr->pr_host, tmphostname, MAXHOSTNAMELEN); + bcopy(tmpname, (char *)pr + pr_offset, len); + FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) + if (cpr->pr_flags & PR_HOST) + descend = 0; + else + bcopy(tmpname, (char *)cpr + pr_offset, len); mtx_unlock(&pr->pr_mtx); - - error = sysctl_handle_string(oidp, tmphostname, - sizeof pr->pr_host, req); - - if (req->newptr != NULL && error == 0) { - /* - * Copy the locally set hostname to the jail, if - * appropriate. - */ - mtx_lock(&pr->pr_mtx); - bcopy(tmphostname, pr->pr_host, MAXHOSTNAMELEN); - mtx_unlock(&pr->pr_mtx); - } - } else { - mtx_lock(&hostname_mtx); - bcopy(V_hostname, tmphostname, MAXHOSTNAMELEN); - mtx_unlock(&hostname_mtx); - error = sysctl_handle_string(oidp, tmphostname, - sizeof tmphostname, req); - if (req->newptr != NULL && error == 0) { - mtx_lock(&prison0.pr_mtx); - mtx_lock(&hostname_mtx); - bcopy(tmphostname, prison0.pr_host, MAXHOSTNAMELEN); - bcopy(tmphostname, V_hostname, MAXHOSTNAMELEN); - mtx_unlock(&hostname_mtx); - mtx_unlock(&prison0.pr_mtx); - } + sx_sunlock(&allprison_lock); } return (error); } SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname, - CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_PRISON|CTLFLAG_MPSAFE, - 0, 0, sysctl_hostname, "A", "Hostname"); + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + (void *)(offsetof(struct prison, pr_host)), MAXHOSTNAMELEN, + sysctl_hostname, "A", "Hostname"); +SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + (void *)(offsetof(struct prison, pr_domain)), MAXHOSTNAMELEN, + sysctl_hostname, "A", "Name of the current YP/NIS domain"); +SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + (void *)(offsetof(struct prison, pr_uuid)), HOSTUUIDLEN, + sysctl_hostname, "A", "Host UUID"); static int regression_securelevel_nonmonotonic = 0; @@ -341,38 +338,43 @@ SYSCTL_PROC(_kern, OID_AUTO, conftxt, CT 0, 0, sysctl_kern_config, "", "Kernel configuration file"); #endif -#ifdef VIMAGE_GLOBALS -char domainname[MAXHOSTNAMELEN]; /* Protected by hostname_mtx. */ -#endif - static int -sysctl_domainname(SYSCTL_HANDLER_ARGS) +sysctl_hostid(SYSCTL_HANDLER_ARGS) { - INIT_VPROCG(TD_TO_VPROCG(req->td)); - char tmpdomainname[MAXHOSTNAMELEN]; - int error; - - mtx_lock(&hostname_mtx); - bcopy(V_domainname, tmpdomainname, MAXHOSTNAMELEN); - mtx_unlock(&hostname_mtx); - error = sysctl_handle_string(oidp, tmpdomainname, - sizeof tmpdomainname, req); + struct prison *pr, *cpr; + u_long tmpid; + int descend, error; + + /* + * Like sysctl_hostname, except it operates on a u_long + * instead of a string, and is used only for hostid. + */ + pr = req->td->td_ucred->cr_prison; + if (!(pr->pr_allow & PR_ALLOW_SET_HOSTNAME) && req->newptr) + return (EPERM); + tmpid = pr->pr_hostid; + error = sysctl_handle_long(oidp, &tmpid, 0, req); + if (req->newptr != NULL && error == 0) { - mtx_lock(&hostname_mtx); - bcopy(tmpdomainname, V_domainname, MAXHOSTNAMELEN); - mtx_unlock(&hostname_mtx); + sx_slock(&allprison_lock); + while (!(pr->pr_flags & PR_HOST)) + pr = pr->pr_parent; + mtx_lock(&pr->pr_mtx); + pr->pr_hostid = tmpid; + FOREACH_PRISON_DESCENDANT_LOCKED(pr, cpr, descend) + if (cpr->pr_flags & PR_HOST) + descend = 0; + else + cpr->pr_hostid = tmpid; + mtx_unlock(&pr->pr_mtx); + sx_sunlock(&allprison_lock); } return (error); } -SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname, CTLTYPE_STRING|CTLFLAG_RW, - 0, 0, sysctl_domainname, "A", "Name of the current YP/NIS domain"); - -u_long hostid; -SYSCTL_ULONG(_kern, KERN_HOSTID, hostid, CTLFLAG_RW, &hostid, 0, "Host ID"); -char hostuuid[64] = "00000000-0000-0000-0000-000000000000"; -SYSCTL_STRING(_kern, KERN_HOSTUUID, hostuuid, CTLFLAG_RW, hostuuid, - sizeof(hostuuid), "Host UUID"); +SYSCTL_PROC(_kern, KERN_HOSTID, hostid, + CTLTYPE_ULONG | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + NULL, 0, sysctl_hostid, "LU", "Host ID"); SYSCTL_NODE(_kern, OID_AUTO, features, CTLFLAG_RD, 0, "Kernel Features"); Modified: head/sys/kern/kern_shutdown.c ============================================================================== --- head/sys/kern/kern_shutdown.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/kern/kern_shutdown.c Fri May 29 21:27:12 2009 (r193066) @@ -51,6 +51,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -65,7 +66,6 @@ __FBSDID("$FreeBSD$"); #include /* smp_active */ #include #include -#include #include @@ -693,7 +693,7 @@ mkdumpheader(struct kerneldumpheader *kd *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***