From: "Rodney W. Grimes"
Message-Id: <201808161927.w7GJRF1Q055395@pdx.rh.CN85.dnsmgr.net>
Subject: Re: svn commit: r337925 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys
In-Reply-To: <201808161909.w7GJ9hXt060717@repo.freebsd.org>
To: Jamie Gritton
Date: Thu, 16 Aug 2018 12:27:15 -0700 (PDT)
CC: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Reply-To: rgrimes@freebsd.org

> Author: jamie
> Date: Thu Aug 16 19:09:43 2018
> New Revision: 337925
> URL: https://svnweb.freebsd.org/changeset/base/337925
>
> Log:
>   Revert r337922, except for some documentation-only bits.  This needs to wait
>   until user is changed to stop using jail(2).

Can we please stop doing "partial" reverts? It makes log tracking and
sorting out stuff later more difficult.  If something is separable
and needs to stay it is best to revert the whole commit, and then
commit with a proper log exactly what it is that you did not want to revert.

> > Differential Revision: D14791 > > Modified: > head/lib/libc/sys/jail.2 > head/sys/compat/freebsd32/freebsd32_misc.c > head/sys/compat/freebsd32/freebsd32_proto.h > head/sys/compat/freebsd32/freebsd32_syscall.h > head/sys/compat/freebsd32/freebsd32_syscalls.c > head/sys/compat/freebsd32/freebsd32_sysent.c > head/sys/compat/freebsd32/freebsd32_systrace_args.c > head/sys/compat/freebsd32/syscalls.master > head/sys/kern/init_sysent.c > head/sys/kern/kern_jail.c > head/sys/kern/syscalls.c > head/sys/kern/syscalls.master > head/sys/kern/systrace_args.c > head/sys/sys/jail.h > head/sys/sys/syscall.h > head/sys/sys/syscall.mk > head/sys/sys/syscallsubr.h > head/sys/sys/sysproto.h > > Modified: head/lib/libc/sys/jail.2 > ============================================================================== > --- head/lib/libc/sys/jail.2 Thu Aug 16 18:58:34 2018 (r337924) > +++ head/lib/libc/sys/jail.2 Thu Aug 16 19:09:43 2018 (r337925) > @@ -25,10 +25,11 @@ > .\" > .\" $FreeBSD$ > .\" > -.Dd August 16, 2018 > +.Dd February 8, 2012 > .Dt JAIL 2 > .Os > .Sh NAME > +.Nm jail , > .Nm jail_get , > .Nm jail_set , > .Nm jail_remove , > @@ -40,6 +41,8 @@ > .In sys/param.h > .In sys/jail.h > .Ft int > +.Fn jail "struct jail *jail" > +.Ft int > .Fn jail_attach "int jid" > .Ft int > .Fn jail_remove "int jid" 
> @@ -50,7 +53,74 @@ > .Fn jail_set "struct iovec *iov" "u_int niov" "int flags" > .Sh DESCRIPTION > The > +.Fn jail > +system call sets up a jail and locks the current process in it. > +.Pp > +The argument is a pointer to a structure describing the prison: > +.Bd -literal -offset indent > +struct jail { > + uint32_t version; > + char *path; > + char *hostname; > + char *jailname; > + unsigned int ip4s; > + unsigned int ip6s; > + struct in_addr *ip4; > + struct in6_addr *ip6; > +}; > +.Ed > +.Pp > +.Dq Li version > +defines the version of the API in use. > +.Dv JAIL_API_VERSION > +is defined for the current version. > +.Pp > +The > +.Dq Li path > +pointer should be set to the directory which is to be the root of the > +prison. > +.Pp > +The > +.Dq Li hostname > +pointer can be set to the hostname of the prison. > +This can be changed > +from the inside of the prison. > +.Pp > +The > +.Dq Li jailname > +pointer is an optional name that can be assigned to the jail > +for example for management purposes. > +.Pp > +The > +.Dq Li ip4s > +and > +.Dq Li ip6s > +give the numbers of IPv4 and IPv6 addresses that will be passed > +via their respective pointers. > +.Pp > +The > +.Dq Li ip4 > +and > +.Dq Li ip6 > +pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to > +the prison, or NULL if none. > +IPv4 addresses must be in network byte order. > +.Pp > +This is equivalent to, and deprecated in favor of, the > .Fn jail_set > +system call (see below), with the parameters > +.Va path , > +.Va host.hostname , > +.Va name , > +.Va ip4.addr , > +and > +.Va ip6.addr , > +and with the > +.Dv JAIL_ATTACH > +flag. > +.Pp > +The > +.Fn jail_set > system call creates a new jail, or modifies an existing one, and optionally > locks the current process in it. > Jail parameters are passed as an array of name-value pairs in the array 
> @@ -76,19 +146,13 @@ The current set of available parameters, and their for > retrieved via the > .Va security.jail.param > sysctl MIB entry. > -Notable parameters include > +Notable parameters include those mentioned in the > +.Fn jail > +description above, as well as > .Va jid > and > -.Va name > -which identify the jail being created or modified, > -.Va path > -(the root directory of the jail), > -.Va host.hostname > -(the hostname of the jail), and > -.Va ip4.addr > -and > -.Va ip6.addr > -(IP addresses to assign to the jail). > +.Va name , > +which identify the jail being created or modified. > See > .Xr jail 8 > for more information on the core jail parameters. > @@ -173,7 +237,8 @@ It will kill all processes belonging to the jail, and > of that jail. > .Sh RETURN VALUES > If successful, > -.Fn jail_set > +.Fn jail , > +.Fn jail_set , > and > .Fn jail_get > return a non-negative integer, termed the jail identifier (JID). > @@ -184,6 +249,25 @@ to indicate the error. > .Rv -std jail_attach jail_remove > .Sh ERRORS > The > +.Fn jail > +system call > +will fail if: > +.Bl -tag -width Er > +.It Bq Er EPERM > +This process is not allowed to create a jail, either because it is not > +the super-user, or because it would exceed the jail's > +.Va children.max > +limit. > +.It Bq Er EFAULT > +.Fa jail > +points to an address outside the allocated address space of the process. > +.It Bq Er EINVAL > +The version number of the argument is not correct. > +.It Bq Er EAGAIN > +No free JID could be found. > +.El > +.Pp > +The > .Fn jail_set > system call > will fail if: > @@ -287,7 +371,8 @@ does not exist. > .El > .Pp > Further > -.Fn jail_set > +.Fn jail , > +.Fn jail_set , > and > .Fn jail_attach > call 
> @@ -301,7 +386,7 @@ manual page for details. > .Xr chroot 2 , > .Xr jail 8 > .Sh HISTORY > -The now-deprecated > +The > .Fn jail > system call appeared in > .Fx 4.0 . > > Modified: head/sys/compat/freebsd32/freebsd32_misc.c > ============================================================================== > --- head/sys/compat/freebsd32/freebsd32_misc.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/freebsd32_misc.c Thu Aug 16 19:09:43 2018 (r337925) > @@ -2289,10 +2289,8 @@ freebsd32_sysctl(struct thread *td, struct freebsd32_s > return (0); > } > > -#ifdef COMPAT_FREEBSD11 > int > -freebsd11_freebsd32_jail(struct thread *td, > - struct freebsd11_freebsd32_jail_args *uap) > +freebsd32_jail(struct thread *td, struct freebsd32_jail_args *uap) > { > uint32_t version; > int error; > @@ -2349,9 +2347,8 @@ freebsd11_freebsd32_jail(struct thread *td, > /* Sci-Fi jails are not supported, sorry. */ > return (EINVAL); > } > - return (freebsd11_kern_jail(td, &j)); > + return (kern_jail(td, &j)); > } > -#endif /* COMPAT_FREEBSD11 */ > > int > freebsd32_jail_set(struct thread *td, struct freebsd32_jail_set_args *uap) > > Modified: head/sys/compat/freebsd32/freebsd32_proto.h > ============================================================================== > --- head/sys/compat/freebsd32/freebsd32_proto.h Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/freebsd32_proto.h Thu Aug 16 19:09:43 2018 (r337925) 
> @@ -283,6 +283,9 @@ struct freebsd32_sched_rr_get_interval_args { > char pid_l_[PADL_(pid_t)]; pid_t pid; char pid_r_[PADR_(pid_t)]; > char interval_l_[PADL_(struct timespec32 *)]; struct timespec32 * interval; char interval_r_[PADR_(struct timespec32 *)]; > }; > +struct freebsd32_jail_args { > + char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)]; > +}; > struct freebsd32_sigtimedwait_args { > char set_l_[PADL_(const sigset_t *)]; const sigset_t * set; char set_r_[PADR_(const sigset_t *)]; > char info_l_[PADL_(siginfo_t *)]; siginfo_t * info; char info_r_[PADR_(siginfo_t *)]; > @@ -758,6 +761,7 @@ int freebsd32_aio_return(struct thread *, struct freeb > int freebsd32_aio_suspend(struct thread *, struct freebsd32_aio_suspend_args *); > int freebsd32_aio_error(struct thread *, struct freebsd32_aio_error_args *); > int freebsd32_sched_rr_get_interval(struct thread *, struct freebsd32_sched_rr_get_interval_args *); > +int freebsd32_jail(struct thread *, struct freebsd32_jail_args *); > int freebsd32_sigtimedwait(struct thread *, struct freebsd32_sigtimedwait_args *); > int freebsd32_sigwaitinfo(struct thread *, struct freebsd32_sigwaitinfo_args *); > int freebsd32_aio_waitcomplete(struct thread *, struct freebsd32_aio_waitcomplete_args *); 
> @@ -1180,9 +1184,6 @@ struct freebsd11_freebsd32_fhstat_args { > char u_fhp_l_[PADL_(const struct fhandle *)]; const struct fhandle * u_fhp; char u_fhp_r_[PADR_(const struct fhandle *)]; > char sb_l_[PADL_(struct freebsd11_stat32 *)]; struct freebsd11_stat32 * sb; char sb_r_[PADR_(struct freebsd11_stat32 *)]; > }; > -struct freebsd11_freebsd32_jail_args { > - char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)]; > -}; > struct freebsd11_freebsd32_kevent_args { > char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; > char changelist_l_[PADL_(const struct kevent32_freebsd11 *)]; const struct kevent32_freebsd11 * changelist; char changelist_r_[PADR_(const struct kevent32_freebsd11 *)]; > @@ -1222,7 +1223,6 @@ int freebsd11_freebsd32_lstat(struct thread *, struct > int freebsd11_freebsd32_getdirentries(struct thread *, struct freebsd11_freebsd32_getdirentries_args *); > int freebsd11_freebsd32_getdents(struct thread *, struct freebsd11_freebsd32_getdents_args *); > int freebsd11_freebsd32_fhstat(struct thread *, struct freebsd11_freebsd32_fhstat_args *); > -int freebsd11_freebsd32_jail(struct thread *, struct freebsd11_freebsd32_jail_args *); > int freebsd11_freebsd32_kevent(struct thread *, struct freebsd11_freebsd32_kevent_args *); > int freebsd11_freebsd32_fstatat(struct thread *, struct freebsd11_freebsd32_fstatat_args *); > int freebsd11_freebsd32_mknodat(struct thread *, struct freebsd11_freebsd32_mknodat_args *); 
> @@ -1317,7 +1317,7 @@ int freebsd11_freebsd32_mknodat(struct thread *, struc > #define FREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_LIO_LISTIO > #define FREEBSD32_SYS_AUE_freebsd32_sched_rr_get_interval AUE_NULL > #define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile AUE_SENDFILE > -#define FREEBSD32_SYS_AUE_freebsd11_freebsd32_jail AUE_JAIL > +#define FREEBSD32_SYS_AUE_freebsd32_jail AUE_JAIL > #define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction AUE_SIGACTION > #define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn AUE_SIGRETURN > #define FREEBSD32_SYS_AUE_freebsd32_sigtimedwait AUE_SIGWAIT > > Modified: head/sys/compat/freebsd32/freebsd32_syscall.h > ============================================================================== > --- head/sys/compat/freebsd32/freebsd32_syscall.h Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/freebsd32_syscall.h Thu Aug 16 19:09:43 2018 (r337925) > @@ -275,7 +275,7 @@ > #define FREEBSD32_SYS_utrace 335 > /* 336 is freebsd4 freebsd32_sendfile */ > #define FREEBSD32_SYS_kldsym 337 > -#define FREEBSD32_SYS_freebsd11_freebsd32_jail 338 > +#define FREEBSD32_SYS_freebsd32_jail 338 > #define FREEBSD32_SYS_sigprocmask 340 > #define FREEBSD32_SYS_sigsuspend 341 > /* 342 is freebsd4 freebsd32_sigaction */ > > Modified: head/sys/compat/freebsd32/freebsd32_syscalls.c > ============================================================================== > --- head/sys/compat/freebsd32/freebsd32_syscalls.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/freebsd32_syscalls.c Thu Aug 16 19:09:43 2018 (r337925) 
> @@ -347,7 +347,7 @@ const char *freebsd32_syscallnames[] = { > "utrace", /* 335 = utrace */ > "compat4.freebsd32_sendfile", /* 336 = freebsd4 freebsd32_sendfile */ > "kldsym", /* 337 = kldsym */ > - "compat11.freebsd32_jail", /* 338 = freebsd11 freebsd32_jail */ > + "freebsd32_jail", /* 338 = freebsd32_jail */ > "#339", /* 339 = pioctl */ > "sigprocmask", /* 340 = sigprocmask */ > "sigsuspend", /* 341 = sigsuspend */ > > Modified: head/sys/compat/freebsd32/freebsd32_sysent.c > ============================================================================== > --- head/sys/compat/freebsd32/freebsd32_sysent.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/freebsd32_sysent.c Thu Aug 16 19:09:43 2018 (r337925) 
> @@ -394,7 +394,7 @@ struct sysent freebsd32_sysent[] = { > { AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 335 = utrace */ > { compat4(AS(freebsd4_freebsd32_sendfile_args),freebsd32_sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 336 = freebsd4 freebsd32_sendfile */ > { AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 337 = kldsym */ > - { compat11(AS(freebsd11_freebsd32_jail_args),freebsd32_jail), AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd11 freebsd32_jail */ > + { AS(freebsd32_jail_args), (sy_call_t *)freebsd32_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd32_jail */ > { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 339 = pioctl */ > { AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 340 = sigprocmask */ > { AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 341 = sigsuspend */ > > Modified: head/sys/compat/freebsd32/freebsd32_systrace_args.c > ============================================================================== > --- head/sys/compat/freebsd32/freebsd32_systrace_args.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/freebsd32_systrace_args.c Thu Aug 16 19:09:43 2018 (r337925) > @@ -1559,6 +1559,13 @@ systrace_args(int sysnum, void *params, uint64_t *uarg > *n_args = 3; > break; > } > + /* freebsd32_jail */ > + case 338: { > + struct freebsd32_jail_args *p = params; > + uarg[0] = (intptr_t) p->jail; /* struct jail32 * */ > + *n_args = 1; > + break; > + } > /* sigprocmask */ > case 340: { > struct sigprocmask_args *p = params; 
> @@ -5704,6 +5711,16 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *d > break; > }; > break; > + /* freebsd32_jail */ > + case 338: > + switch(ndx) { > + case 0: > + p = "userland struct jail32 *"; > + break; > + default: > + break; > + }; > + break; > /* sigprocmask */ > case 340: > switch(ndx) { > @@ -9653,6 +9670,11 @@ systrace_return_setargdesc(int sysnum, int ndx, char * > break; > /* kldsym */ > case 337: > + if (ndx == 0 || ndx == 1) > + p = "int"; > + break; > + /* freebsd32_jail */ > + case 338: > if (ndx == 0 || ndx == 1) > p = "int"; > break; > > Modified: head/sys/compat/freebsd32/syscalls.master > ============================================================================== > --- head/sys/compat/freebsd32/syscalls.master Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/compat/freebsd32/syscalls.master Thu Aug 16 19:09:43 2018 (r337925) > @@ -601,7 +601,7 @@ > off_t *sbytes, int flags); } > 337 AUE_NULL NOPROTO { int kldsym(int fileid, int cmd, \ > void *data); } > -338 AUE_JAIL COMPAT11 { int freebsd32_jail(struct jail32 *jail); } > +338 AUE_JAIL STD { int freebsd32_jail(struct jail32 *jail); } > 339 AUE_NULL UNIMPL pioctl > 340 AUE_SIGPROCMASK NOPROTO { int sigprocmask(int how, \ > const sigset_t *set, sigset_t *oset); } > > Modified: head/sys/kern/init_sysent.c > ============================================================================== > --- head/sys/kern/init_sysent.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/kern/init_sysent.c Thu Aug 16 19:09:43 2018 (r337925) 
> @@ -387,7 +387,7 @@ struct sysent sysent[] = { > { AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 335 = utrace */ > { compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 336 = freebsd4 sendfile */ > { AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 337 = kldsym */ > - { compat11(AS(freebsd11_jail_args),jail), AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd11 jail */ > + { AS(jail_args), (sy_call_t *)sys_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = jail */ > { AS(nnpfs_syscall_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 339 = nnpfs_syscall */ > { AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 340 = sigprocmask */ > { AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 341 = sigsuspend */ > > Modified: head/sys/kern/kern_jail.c > ============================================================================== > --- head/sys/kern/kern_jail.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/kern/kern_jail.c Thu Aug 16 19:09:43 2018 (r337925) > @@ -74,14 +74,6 @@ __FBSDID("$FreeBSD$"); > > #include > > -/* > - * The old jail(2) interface will exist under COMPAT_FREEBSD11, but the global > - * permission sysctls are slated to go away sometime (even with COMPAT). > - */ > -#if defined(COMPAT_FREEBSD11) && !defined(BURN_BRIDGES) > -#define PR_GLOBAL_ALLOW > -#endif > - > #define DEFAULT_HOSTUUID "00000000-0000-0000-0000-000000000000" > > MALLOC_DEFINE(M_PRISON, "prison", "Prison structures"); 
> @@ -207,11 +199,9 @@ const size_t pr_flag_allow_size = sizeof(pr_flag_allow > #define JAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | PR_ALLOW_RESERVED_PORTS) > #define JAIL_DEFAULT_ENFORCE_STATFS 2 > #define JAIL_DEFAULT_DEVFS_RSNUM 0 > -#ifdef PR_GLOBAL_ALLOW > static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW; > static int jail_default_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS; > static int jail_default_devfs_rsnum = JAIL_DEFAULT_DEVFS_RSNUM; > -#endif > #if defined(INET) || defined(INET6) > static unsigned jail_max_af_ips = 255; > #endif > @@ -229,14 +219,13 @@ prison0_init(void) > strlcpy(prison0.pr_osrelease, osrelease, sizeof(prison0.pr_osrelease)); > } > > -#ifdef COMPAT_FREEBSD11 > /* > * struct jail_args { > * struct jail *jail; > * }; > */ > int > -freebsd11_jail(struct thread *td, struct freebsd11_jail_args *uap) > +sys_jail(struct thread *td, struct jail_args *uap) > { > uint32_t version; > int error; > @@ -281,16 +270,13 @@ freebsd11_jail(struct thread *td, struct freebsd11_jai > /* Sci-Fi jails are not supported, sorry. */ > return (EINVAL); > } > - return (freebsd11_kern_jail(td, &j)); > + return (kern_jail(td, &j)); > } > > int > -freebsd11_kern_jail(struct thread *td, struct jail *j) > +kern_jail(struct thread *td, struct jail *j) > { > - struct iovec optiov[2 * (3 > -#ifdef PR_GLOBAL_ALLOW > - + 1 + nitems(pr_flag_allow) > -#endif > + struct iovec optiov[2 * (4 + nitems(pr_flag_allow) > #ifdef INET > + 1 > #endif > @@ -300,10 +286,7 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) > )]; > struct uio opt; > char *u_path, *u_hostname, *u_name; > -#ifdef PR_GLOBAL_ALLOW > struct bool_flags *bf; > - int enforce_statfs; > -#endif > #ifdef INET > uint32_t ip4s; > struct in_addr *u_ip4; > @@ -312,7 +295,7 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) > struct in6_addr *u_ip6; > #endif > size_t tmplen; > - int error; > + int error, enforce_statfs; > > bzero(&optiov, sizeof(optiov)); > opt.uio_iov = optiov; 
> @@ -323,7 +306,6 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) > opt.uio_rw = UIO_READ; > opt.uio_td = td; > > -#ifdef PR_GLOBAL_ALLOW > /* Set permissions for top-level jails from sysctls. */ > if (!jailed(td->td_ucred)) { > for (bf = pr_flag_allow; > @@ -345,7 +327,6 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) > optiov[opt.uio_iovcnt].iov_len = sizeof(enforce_statfs); > opt.uio_iovcnt++; > } > -#endif > > tmplen = MAXPATHLEN + MAXHOSTNAMELEN + MAXHOSTNAMELEN; > #ifdef INET > @@ -449,7 +430,6 @@ freebsd11_kern_jail(struct thread *td, struct jail *j) > free(u_path, M_TEMP); > return (error); > } > -#endif /* COMPAT_FREEBSD11 */ > > > /* > @@ -1267,11 +1247,7 @@ kern_jail_set(struct thread *td, struct uio *optuio, i > > pr->pr_securelevel = ppr->pr_securelevel; > pr->pr_allow = JAIL_DEFAULT_ALLOW & ppr->pr_allow; > -#ifdef PR_GLOBAL_ALLOW > pr->pr_enforce_statfs = jail_default_enforce_statfs; > -#else > - pr->pr_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS; > -#endif > pr->pr_devfs_rsnum = ppr->pr_devfs_rsnum; > > pr->pr_osreldate = osreldt ? osreldt : ppr->pr_osreldate; > @@ -3439,7 +3415,6 @@ prison_path(struct prison *pr1, struct prison *pr2) > static SYSCTL_NODE(_security, OID_AUTO, jail, CTLFLAG_RW, 0, > "Jails"); > > -#ifdef COMPAT_FREEBSD11 > static int > sysctl_jail_list(SYSCTL_HANDLER_ARGS) > { > @@ -3543,7 +3518,6 @@ sysctl_jail_list(SYSCTL_HANDLER_ARGS) > SYSCTL_OID(_security_jail, OID_AUTO, list, > CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, > sysctl_jail_list, "S", "List of active jails"); > -#endif /* COMPAT_FREEBSD11 */ > > static int > sysctl_jail_jailed(SYSCTL_HANDLER_ARGS) 
> @@ -3583,14 +3557,13 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vnet, > #if defined(INET) || defined(INET6) > SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, > &jail_max_af_ips, 0, > - "Number of IP addresses a jail may have at most per address family"); > + "Number of IP addresses a jail may have at most per address family (deprecated)"); > #endif > > /* > - * Jail permissions - jailed processes can read these to find out what they are > - * allowed to do. A deprecated use is to set default permissions for prisons > - * created via jail(2). For historical reasons, the sysctl names have varying > - * similarity to the parameter names. > + * Default parameters for jail(2) compatibility. For historical reasons, > + * the sysctl names have varying similarity to the parameter names. Prisons > + * just see their own parameters, and can't change them. > */ > static int > sysctl_jail_default_allow(SYSCTL_HANDLER_ARGS) 
> @@ -3599,68 +3572,52 @@ sysctl_jail_default_allow(SYSCTL_HANDLER_ARGS) > int allow, error, i; > > pr = req->td->td_ucred->cr_prison; > -#ifdef PR_GLOBAL_ALLOW > allow = (pr == &prison0) ? jail_default_allow : pr->pr_allow; > -#else > - allow = pr->pr_allow; > -#endif > > /* Get the current flag value, and convert it to a boolean. */ > i = (allow & arg2) ? 1 : 0; > if (arg1 != NULL) > i = !i; > error = sysctl_handle_int(oidp, &i, 0, req); > - if (error) > + if (error || !req->newptr) > return (error); > -#ifdef PR_GLOBAL_ALLOW > - if (req->newptr) { > - i = i ? arg2 : 0; > - if (arg1 != NULL) > - i ^= arg2; > - /* > - * The sysctls don't have CTLFLAGS_PRISON, so assume prison0 > - * for writing. > - */ > - mtx_lock(&prison0.pr_mtx); > - jail_default_allow = (jail_default_allow & ~arg2) | i; > - mtx_unlock(&prison0.pr_mtx); > - } > -#endif > + i = i ? arg2 : 0; > + if (arg1 != NULL) > + i ^= arg2; > + /* > + * The sysctls don't have CTLFLAGS_PRISON, so assume prison0 > + * for writing. > + */ > + mtx_lock(&prison0.pr_mtx); > + jail_default_allow = (jail_default_allow & ~arg2) | i; > + mtx_unlock(&prison0.pr_mtx); > return (0); > } > > -#ifdef PR_GLOBAL_ALLOW > -#define CTLFLAG_GLOBAL_ALLOW (CTLFLAG_RW | CTLFLAG_MPSAFE) > -#define ADDR_GLOBAL_ALLOW(i) &i > -#else > -#define CTLFLAG_GLOBAL_ALLOW (CTLFLAG_RD | CTLFLAG_MPSAFE) > -#define ADDR_GLOBAL_ALLOW(i) NULL > -#endif > - > SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I", > - "Processes in jail can set their hostnames"); > + "Processes in jail can set their hostnames (deprecated)"); > SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > (void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I", > - "Processes in jail are limited to creating UNIX/IP/route 
sockets only"); > + "Processes in jail are limited to creating UNIX/IP/route sockets only (deprecated)"); > SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I", > - "Processes in jail can use System V IPC primitives"); > + "Processes in jail can use System V IPC primitives (deprecated)"); > SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I", > - "Prison root can create raw sockets"); > + "Prison root can create raw sockets (deprecated)"); > SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I", > - "Processes in jail can alter system file flags"); > + "Processes in jail can alter system file flags (deprecated)"); > SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I", > - "Processes in jail can mount/unmount jail-friendly file systems"); > + "Processes in jail can mount/unmount jail-friendly file systems (deprecated)"); > > static int > sysctl_jail_default_level(SYSCTL_HANDLER_ARGS) 
> @@ -3669,33 +3626,25 @@ sysctl_jail_default_level(SYSCTL_HANDLER_ARGS) > int level, error; > > pr = req->td->td_ucred->cr_prison; > -#ifdef PR_GLOBAL_ALLOW > level = (pr == &prison0) ? *(int *)arg1 : *(int *)((char *)pr + arg2); > -#else > - level = *(int *)((char *)pr + arg2); > -#endif > error = sysctl_handle_int(oidp, &level, 0, req); > - if (error) > + if (error || !req->newptr) > return (error); > -#ifdef PR_GLOBAL_ALLOW > - if (req->newptr) > - *(int *)arg1 = level; > -#endif > + *(int *)arg1 = level; > return (0); > } > > SYSCTL_PROC(_security_jail, OID_AUTO, enforce_statfs, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > - ADDR_GLOBAL_ALLOW(jail_default_enforce_statfs), > - offsetof(struct prison, pr_enforce_statfs), > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, > + &jail_default_enforce_statfs, offsetof(struct prison, pr_enforce_statfs), > sysctl_jail_default_level, "I", > - "Processes in jail cannot see all mounted file systems"); > + "Processes in jail cannot see all mounted file systems (deprecated)"); > + > SYSCTL_PROC(_security_jail, OID_AUTO, devfs_ruleset, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, > - ADDR_GLOBAL_ALLOW(jail_default_devfs_rsnum), > - offsetof(struct prison, pr_devfs_rsnum), > + CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, > + &jail_default_devfs_rsnum, offsetof(struct prison, pr_devfs_rsnum), > sysctl_jail_default_level, "I", > - "Ruleset for the devfs filesystem in jail"); > + "Ruleset for the devfs filesystem in jail (deprecated)"); > > /* > * Nodes to describe jail parameters. Maximum length of string parameters > @@ -3836,6 +3785,9 @@ prison_add_allow(const char *prefix, const char *name, > struct bool_flags *bf; > struct sysctl_oid *parent; > char *allow_name, *allow_noname, *allowed; > +#ifndef NO_SYSCTL_DESCR > + char *descr_deprecated; > +#endif > unsigned allow_flag; > > if (prefix 
> @@ -3892,7 +3844,10 @@ prison_add_allow(const char *prefix, const char *name, > bf->flag = allow_flag; > mtx_unlock(&prison0.pr_mtx); > > - /* Create sysctls for the paramter, and the current permission. */ > + /* > + * Create sysctls for the paramter, and the back-compat global > + * permission. > + */ > parent = prefix > ? SYSCTL_ADD_NODE(NULL, > SYSCTL_CHILDREN(&sysctl___security_jail_param_allow), > @@ -3904,10 +3859,17 @@ prison_add_allow(const char *prefix, const char *name, > if ((prefix > ? asprintf(&allowed, M_TEMP, "%s_%s_allowed", prefix, name) > : asprintf(&allowed, M_TEMP, "%s_allowed", name)) >= 0) { > +#ifndef NO_SYSCTL_DESCR > + (void)asprintf(&descr_deprecated, M_TEMP, "%s (deprecated)", > + descr); > +#endif > (void)SYSCTL_ADD_PROC(NULL, > SYSCTL_CHILDREN(&sysctl___security_jail), OID_AUTO, allowed, > - CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, NULL, allow_flag, > - sysctl_jail_default_allow, "I", descr); > + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, allow_flag, > + sysctl_jail_default_allow, "I", descr_deprecated); > +#ifndef NO_SYSCTL_DESCR > + free(descr_deprecated, M_TEMP); > +#endif > free(allowed, M_TEMP); > } > return allow_flag; > > Modified: head/sys/kern/syscalls.c > ============================================================================== > --- head/sys/kern/syscalls.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/kern/syscalls.c Thu Aug 16 19:09:43 2018 (r337925) 
> @@ -344,7 +344,7 @@ const char *syscallnames[] = { > "utrace", /* 335 = utrace */ > "compat4.sendfile", /* 336 = freebsd4 sendfile */ > "kldsym", /* 337 = kldsym */ > - "compat11.jail", /* 338 = freebsd11 jail */ > + "jail", /* 338 = jail */ > "nnpfs_syscall", /* 339 = nnpfs_syscall */ > "sigprocmask", /* 340 = sigprocmask */ > "sigsuspend", /* 341 = sigsuspend */ > > Modified: head/sys/kern/syscalls.master > ============================================================================== > --- head/sys/kern/syscalls.master Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/kern/syscalls.master Thu Aug 16 19:09:43 2018 (r337925) > @@ -738,7 +738,7 @@ > _Out_opt_ off_t *sbytes, int flags); } > 337 AUE_NULL STD { int kldsym(int fileid, int cmd, \ > _In_ void *data); } > -338 AUE_JAIL COMPAT11 { int jail( \ > +338 AUE_JAIL STD { int jail( \ > _In_ struct jail *jail); } > > 339 AUE_NULL NOSTD|NOTSTATIC { int nnpfs_syscall(int operation, \ > > Modified: head/sys/kern/systrace_args.c > ============================================================================== > --- head/sys/kern/systrace_args.c Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/kern/systrace_args.c Thu Aug 16 19:09:43 2018 (r337925) > @@ -1593,6 +1593,13 @@ systrace_args(int sysnum, void *params, uint64_t *uarg > *n_args = 3; > break; > } > + /* jail */ > + case 338: { > + struct jail_args *p = params; > + uarg[0] = (intptr_t) p->jail; /* struct jail * */ > + *n_args = 1; > + break; > + } > /* nnpfs_syscall */ > case 339: { > struct nnpfs_syscall_args *p = params; > @@ -5765,6 +5772,16 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *d > break; > }; > break; > + /* jail */ > + case 338: > + switch(ndx) { > + case 0: > + p = "userland struct jail *"; > + break; > + default: > + break; > + }; > + break; > /* nnpfs_syscall */ > case 339: > switch(ndx) { 
> @@ -9627,6 +9644,11 @@ systrace_return_setargdesc(int sysnum, int ndx, char * > break; > /* kldsym */ > case 337: > + if (ndx == 0 || ndx == 1) > + p = "int"; > + break; > + /* jail */ > + case 338: > if (ndx == 0 || ndx == 1) > p = "int"; > break; > > Modified: head/sys/sys/jail.h > ============================================================================== > --- head/sys/sys/jail.h Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/sys/jail.h Thu Aug 16 19:09:43 2018 (r337925) > @@ -32,7 +32,6 @@ > #ifndef _SYS_JAIL_H_ > #define _SYS_JAIL_H_ > > -#ifdef COMPAT_FREEBSD11 > #ifdef _KERNEL > struct jail_v0 { > u_int32_t version; > @@ -58,6 +57,16 @@ struct jail { > * For all xprison structs, always keep the pr_version an int and > * the first variable so userspace can easily distinguish them. > */ > +#ifndef _KERNEL > +struct xprison_v1 { > + int pr_version; > + int pr_id; > + char pr_path[MAXPATHLEN]; > + char pr_host[MAXHOSTNAMELEN]; > + u_int32_t pr_ip; > +}; > +#endif > + > struct xprison { > int pr_version; > int pr_id; > @@ -82,7 +91,6 @@ struct xprison { > #define PRISON_STATE_INVALID 0 > #define PRISON_STATE_ALIVE 1 > #define PRISON_STATE_DYING 2 > -#endif /* COMPAT_FREEBSD11 */ > > /* > * Flags for jail_set and jail_get. > @@ -102,6 +110,7 @@ struct xprison { > > struct iovec; > > +int jail(struct jail *); > int jail_set(struct iovec *, unsigned int, int); > int jail_get(struct iovec *, unsigned int, int); > int jail_attach(int); > > Modified: head/sys/sys/syscall.h > ============================================================================== > --- head/sys/sys/syscall.h Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/sys/syscall.h Thu Aug 16 19:09:43 2018 (r337925) 
> @@ -280,7 +280,7 @@ > #define SYS_utrace 335 > /* 336 is freebsd4 sendfile */ > #define SYS_kldsym 337 > -#define SYS_freebsd11_jail 338 > +#define SYS_jail 338 > #define SYS_nnpfs_syscall 339 > #define SYS_sigprocmask 340 > #define SYS_sigsuspend 341 > > Modified: head/sys/sys/syscall.mk > ============================================================================== > --- head/sys/sys/syscall.mk Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/sys/syscall.mk Thu Aug 16 19:09:43 2018 (r337925) > @@ -209,7 +209,7 @@ MIASM = \ > sched_rr_get_interval.o \ > utrace.o \ > kldsym.o \ > - freebsd11_jail.o \ > + jail.o \ > nnpfs_syscall.o \ > sigprocmask.o \ > sigsuspend.o \ > > Modified: head/sys/sys/syscallsubr.h > ============================================================================== > --- head/sys/sys/syscallsubr.h Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/sys/syscallsubr.h Thu Aug 16 19:09:43 2018 (r337925) > @@ -143,6 +143,7 @@ int kern_getsockname(struct thread *td, int fd, struct > int kern_getsockopt(struct thread *td, int s, int level, int name, > void *optval, enum uio_seg valseg, socklen_t *valsize); > int kern_ioctl(struct thread *td, int fd, u_long com, caddr_t data); > +int kern_jail(struct thread *td, struct jail *j); > int kern_jail_get(struct thread *td, struct uio *options, int flags); > int kern_jail_set(struct thread *td, struct uio *options, int flags); > int kern_kevent(struct thread *td, int fd, int nchanges, int nevents, 
> @@ -307,6 +308,5 @@ struct freebsd11_dirent; > > int freebsd11_kern_getdirentries(struct thread *td, int fd, char *ubuf, u_int > count, long *basep, void (*func)(struct freebsd11_dirent *)); > -int freebsd11_kern_jail(struct thread *td, struct jail *j); > > #endif /* !_SYS_SYSCALLSUBR_H_ */ > > Modified: head/sys/sys/sysproto.h > ============================================================================== > --- head/sys/sys/sysproto.h Thu Aug 16 18:58:34 2018 (r337924) > +++ head/sys/sys/sysproto.h Thu Aug 16 19:09:43 2018 (r337925) > @@ -849,6 +849,9 @@ struct kldsym_args { > char cmd_l_[PADL_(int)]; int cmd; char cmd_r_[PADR_(int)]; > char data_l_[PADL_(void *)]; void * data; char data_r_[PADR_(void *)]; > }; > +struct jail_args { > + char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)]; > +}; > struct nnpfs_syscall_args { > char operation_l_[PADL_(int)]; int operation; char operation_r_[PADR_(int)]; > char a_pathP_l_[PADL_(char *)]; char * a_pathP; char a_pathP_r_[PADR_(char *)]; > @@ -1958,6 +1961,7 @@ int sys_sched_get_priority_min(struct thread *, struct > int sys_sched_rr_get_interval(struct thread *, struct sched_rr_get_interval_args *); > int sys_utrace(struct thread *, struct utrace_args *); > int sys_kldsym(struct thread *, struct kldsym_args *); > +int sys_jail(struct thread *, struct jail_args *); > int sys_nnpfs_syscall(struct thread *, struct nnpfs_syscall_args *); > int sys_sigprocmask(struct thread *, struct sigprocmask_args *); > int sys_sigsuspend(struct thread *, struct sigsuspend_args *); 
> @@ -2527,9 +2531,6 @@ struct freebsd11_fhstat_args { > char u_fhp_l_[PADL_(const struct fhandle *)]; const struct fhandle * u_fhp; char u_fhp_r_[PADR_(const struct fhandle *)]; > char sb_l_[PADL_(struct freebsd11_stat *)]; struct freebsd11_stat * sb; char sb_r_[PADR_(struct freebsd11_stat *)]; > }; > -struct freebsd11_jail_args { > - char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)]; > -}; > struct freebsd11_kevent_args { > char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)]; > char changelist_l_[PADL_(struct kevent_freebsd11 *)]; struct kevent_freebsd11 * changelist; char changelist_r_[PADR_(struct kevent_freebsd11 *)]; > @@ -2578,7 +2579,6 @@ int freebsd11_nstat(struct thread *, struct freebsd11_ > int freebsd11_nfstat(struct thread *, struct freebsd11_nfstat_args *); > int freebsd11_nlstat(struct thread *, struct freebsd11_nlstat_args *); > int freebsd11_fhstat(struct thread *, struct freebsd11_fhstat_args *); > -int freebsd11_jail(struct thread *, struct freebsd11_jail_args *); > int freebsd11_kevent(struct thread *, struct freebsd11_kevent_args *); > int freebsd11_getfsstat(struct thread *, struct freebsd11_getfsstat_args *); > int freebsd11_statfs(struct thread *, struct freebsd11_statfs_args *); > @@ -2849,7 +2849,7 @@ int freebsd11_mknodat(struct thread *, struct freebsd1 > #define SYS_AUE_utrace AUE_NULL > #define SYS_AUE_freebsd4_sendfile AUE_SENDFILE > #define SYS_AUE_kldsym AUE_NULL > -#define SYS_AUE_freebsd11_jail AUE_JAIL > +#define SYS_AUE_jail AUE_JAIL > #define SYS_AUE_nnpfs_syscall AUE_NULL > #define SYS_AUE_sigprocmask AUE_SIGPROCMASK > #define SYS_AUE_sigsuspend AUE_SIGSUSPEND > > -- Rod Grimes rgrimes@freebsd.org
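Review bot: The rewritten comment in the first prison_add_allow hunk (-3892,7 +3844,10) carries over the misspelling "paramter". Since the comment is being reworded anyway, spell it "parameter" in the new text.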
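Review bot: In the second prison_add_allow hunk (-3904,10 +3859,17), the result of the new asprintf() into descr_deprecated is cast to void, while the asprintf() into allowed just above it is checked with ">= 0" before use. Nothing visible in the hunk stops a failed allocation from reaching SYSCTL_ADD_PROC as the description argument, so either test the return value and fall back to descr on failure, or state in a comment why a failure is harmless here. The declaration of descr_deprecated is outside the hunk. Because the variable is named in the SYSCTL_ADD_PROC call even when NO_SYSCTL_DESCR is defined and the asprintf() is compiled out, confirm that it is declared unconditionally and initialised.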
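Review bot: In the sys/sys/jail.h hunk (-58,6 +57,16), struct xprison_v1 is added under "#ifndef _KERNEL" with no comment of its own. The existing comment above it only says to keep pr_version an int and the first member. Add a line saying which pr_version value this layout corresponds to and why it is exposed to userland only, so a reader does not have to infer its relationship to struct xprison from the name.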