From nobody Tue Jul 25 17:36:25 2023
X-Original-To: jail@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R9PMt2QLpz4pRmh
	for <jail@mlmmj.nyi.freebsd.org>; Tue, 25 Jul 2023 17:36:26 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4R9PMt1RS2z4ZTB
	for <jail@FreeBSD.org>; Tue, 25 Jul 2023 17:36:26 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1690306586;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=j255qk0bUg98j0T6IwIeR9vOlzfX7JJDW3SaOguqKew=;
	b=vQvgIL2sPc9xDE/ZI1u0fM0eSpSkt6qxGSmxm2lbhpsoik7tuqj3KXzAhyM9u0CVsjrJF9
	yBRz9jBDbIdpr2wZJIkkFri2yvcyQIB8JwzBwUAOv4Kv38VfqVNmscAbCnFcZTdRn/gaLo
	BZdp+YeA4k5sOt7U5XHGex56HAyEIuUyrTk1Zfu1WzzELUf0dhPElVo7LT1L3UgsS6pqui
	ZAII4qsEFeRbeM3w6v2ErgsmiOKAyP/irQv0DTyuaIH6i2BKJkpCSnG2TilKOGtxK3UogT
	GhTbgfcdTmBxOtKald09Wit3lP0hLSxgDQWaqLpNmTvw3XMM9pOxDasXG1x8cw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690306586; a=rsa-sha256; cv=none;
	b=Nh8p9AAYi2LLGZmaG7Uq8/HOEVf4SiseWwKnKi8DT/bRJzqgWyF0ka7HDUoM6DOmxyFjzx
	XNOKF03KjXwf9HpLDwjDcFB61zNP53xuHq2khCImnrPgUaRQloNCL8TwR4AitjjaGS4vKG
	vBiFQMVJ7TLlbWZw/4h/o4glCBAU4wps6k+WNHwHQZ1jLpdA3IOGmj9ELzDqAvxmP/gBPP
	zZG6fULPQARZ0ckEc00QjN6qy4gqTbB1IPoOnyl/PGpkvsiAvUrHfo+AQG84+H098NftaS
	IoUatjuSzWCKBis3UGRtXaZoljM9woZpGYzxNVbWe3UoqnXEVIrYBADyp0JjTQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R9PMt0Qymz18QG
	for <jail@FreeBSD.org>; Tue, 25 Jul 2023 17:36:26 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36PHaQrA002950
	for <jail@FreeBSD.org>; Tue, 25 Jul 2023 17:36:26 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36PHaQVh002949
	for jail@FreeBSD.org; Tue, 25 Jul 2023 17:36:26 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: jail@FreeBSD.org
Subject: [Bug 272706] procstat(1): procstat vm in jails shows host paths of
 binaries and shared libraries from outside prison
Date: Tue, 25 Jul 2023 17:36:25 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 13.2-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: andrew@tao11.riddles.org.uk
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: jail@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-272706-29815-0MZAXJG50E@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-272706-29815@https.bugs.freebsd.org/bugzilla/>
References: <bug-272706-29815@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Discussion about FreeBSD jail(8) <freebsd-jail.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-jail
List-Help: <mailto:freebsd-jail+help@freebsd.org>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Subscribe: <mailto:freebsd-jail+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-jail+unsubscribe@freebsd.org>
Sender: owner-freebsd-jail@freebsd.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272706

--- Comment #5 from Andrew "RhodiumToad" Gierth <andrew@tao11.riddles.org.u=
k> ---
(In reply to Andrew "RhodiumToad" Gierth from comment #4)

I've confirmed my analysis this far: vn_fullpath is being called with vp
pointing to a physical filesystem vnode (i.e. not the nullfs node on the up=
per
layer, but the lower layer vnode backing it). Accordingly, since in general=
 the
lower vnode is somewhere outside the jail root, the traverse of parent dirs
never hits the process root directory, so the full path is shown.

Most other uses of vn_fullpath will be starting from the upper-level vnode =
(for
example, because they just looked up a filename, or they have an open file,
etc.), and in this case, the code seems to correctly traverse the upper lay=
er
and end at the process root dir. What I don't know is why the vm_object is
apparently referencing the lower vnode rather than the upper one.

--=20
You are receiving this mail because:
You are the assignee for the bug.=