From nobody Fri Feb  3 10:11:25 2023
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P7Wdy6WCJz2nRBX;
	Fri,  3 Feb 2023 10:11:34 +0000 (UTC)
	(envelope-from zlei@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4P7Wdy61g1z3M1Q;
	Fri,  3 Feb 2023 10:11:34 +0000 (UTC)
	(envelope-from zlei@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1675419094;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=kBLA7rQaEmwG/ZzsEYbYxfOVtHUviqwln5DDfKiHuj8=;
	b=RFiEv4Vn6PPDBG7vEas79jTK3orMEoxooTwVet/PHZ5dUUPo5qSHAArWiIpI3i0i4hD2EM
	xJPrkecAttSAVerc0RkHpmj8crIuX+75fX7VQMCGUh2Dwv77EDDHrpXGTkGz8RGQoe4P1q
	UEuE2T+vLFpGD7XfN3hVQKDGYOjblGSUY8FUCDtghwiTzkec6vf4vEl8AHtVm2EDlVgX98
	Pedoo3AnugGVEQ1HLpZQJcmd/uymKvcmX8GC/NsCoGJc6Yro+KnoVW1STbs3sdZccwEVFd
	3DkFzd5JruXqggrqP3Yc5r4Jgans/IioGJvl56Tv+XRuCFPameuxEXXX3V2Ysg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1675419094;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=kBLA7rQaEmwG/ZzsEYbYxfOVtHUviqwln5DDfKiHuj8=;
	b=Nem+Pu+C78xAohs/t09MIz1sqY4T67F5kZ9CPHRLYaNIvAeN4rKkkfZblt7NfX1z3/MYQy
	DgvXEHpAJUsc9AFqEDVGUTHcEjGhlSAxI8U82MlXopWCAB5UcdxF5nETj0TCbECw9Vl2w4
	wRlcgA1WaE0zX/Owx+WLBb8jTcPq8DiW7DVRZggHGef3CpIlDU4IWKch+RcEcnXOgK2ybe
	NtAUeUGW5xQwX3o6EGd8FV/be/SSe/W90C+MNygRhHwwXZ9hCO49G2woYFC+cRAcAX5N7n
	G0G4MkPhzTECFeMNdKAeqckX/QKaTYMkr2X5GqQSwd8Ld1xKvPkBVBGhH3LWzA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1675419094; a=rsa-sha256; cv=none;
	b=So+gLLjOeo4Oe9wtrr6nW9vOyHtzK/wxOLjJNHGqSb0YFgSZr3WyxhMqcafngxWhHR8Lhk
	1fEC61kBqxF046M8lyGAygwlxywzTRt0614DgOcB8uUgIXd0yP7ZZVHUJ55LcqO/hEcZko
	xdcpMDgyrNPUXreaftjQQqSNy5wCjZPkGhphVpiAd+aQqAd6GNoDKFrQfP2skmEvbD7eYk
	e+7vHRRRocvbp95d4PsPo4WH/qGcFMhJb/BdzLXPzOgZHNDU55zKpbhLB6F1TBk7XgyMX0
	O4j7ZlMxvoQR8owvD7obGv4LDMz5Gr9jQ5hilmUm+HWZ5xxgC2TAnYDYfQqbFQ==
Received: from smtpclient.apple (ns1.oxydns.net [45.32.91.63])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	(Authenticated sender: zlei/mail)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4P7Wdx2gglztZj;
	Fri,  3 Feb 2023 10:11:33 +0000 (UTC)
	(envelope-from zlei@FreeBSD.org)
From: Zhenlei Huang <zlei@FreeBSD.org>
Message-Id: <DFF01C89-0B7C-40E2-AA6D-9B794A759E03@FreeBSD.org>
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_281FF14D-CED0-49A3-816F-155DC72D3787"
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.2\))
Subject: Re: git: 8bce8d28abe6 - main - jail: Avoid multipurpose return value
 of function prison_ip_restrict()
Date: Fri, 3 Feb 2023 18:11:25 +0800
In-Reply-To: <Y8GzjNMleGOLchR6@FreeBSD.org>
Cc: src-committers@freebsd.org,
 dev-commits-src-all@freebsd.org,
 dev-commits-src-main@freebsd.org
To: Gleb Smirnoff <glebius@freebsd.org>
References: <202301131046.30DAkA0F024400@gitrepo.freebsd.org>
 <Y8GzjNMleGOLchR6@FreeBSD.org>
X-Mailer: Apple Mail (2.3696.120.41.1.2)
X-ThisMailContainsUnwantedMimeParts: N


--Apple-Mail=_281FF14D-CED0-49A3-816F-155DC72D3787
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Hi Gleb,

> On Jan 14, 2023, at 3:39 AM, Gleb Smirnoff <glebius@freebsd.org> =
wrote:
>=20
>  Zhenlei,
>=20
> a couple concise assignments missed:
>=20
> Z> @@ -1876,15 +1871,15 @@ kern_jail_set(struct thread *td, struct uio =
*optuio, int flags)
> Z>  				continue;
> Z>  			}
> Z>  #endif
> Z> -			if (prison_ip_restrict(tpr, PR_INET, NULL)) {
> Z> -				redo_ip4 =3D 1;
> Z> +			if (!prison_ip_restrict(tpr, PR_INET, NULL)) {
> Z> +				redo_ip4 =3D true;
> Z>  				descend =3D 0;
> Z>  			}
> Z>  		}
> Z>  	}
>=20
> 	redo_ip4 =3D !prison_ip_restrict(tpr, PR_INET, NULL);

I think that is wrong, as `prison_ip_restrict` is called in loop round.
`redo_ip4` might flip to false on next round.

So the previous logic is right.

> +    redo_ip4 =3D !prison_ip_restrict(tpr, PR_INET, &ip4);

Should be `redo_ip4 |=3D !prison_ip_restrict(tpr, PR_INET, &ip4);`



>=20
> Z> @@ -1896,8 +1891,8 @@ kern_jail_set(struct thread *td, struct uio =
*optuio, int flags)
> Z>  				continue;
> Z>  			}
> Z>  #endif
> Z> -			if (prison_ip_restrict(tpr, PR_INET6, NULL)) {
> Z> -				redo_ip6 =3D 1;
> Z> +			if (!prison_ip_restrict(tpr, PR_INET6, NULL)) {
> Z> +				redo_ip6 =3D true;
> Z>  				descend =3D 0;
> Z>  			}
> Z>  		}
>=20
> 	redo_ip6 =3D !prison_ip_restrict(tpr, PR_INET6, NULL);
>=20
> --=20
> Gleb Smirnoff


PS, the logic redo_ip4 / redo_ip6 under low memory pressure can be =
optimized and I'll do that later.

Best regards,
Zhenlei


--Apple-Mail=_281FF14D-CED0-49A3-816F-155DC72D3787
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">Hi =
Gleb,<br class=3D""><div><br class=3D""><blockquote type=3D"cite" =
class=3D""><div class=3D"">On Jan 14, 2023, at 3:39 AM, Gleb Smirnoff =
&lt;<a href=3D"mailto:glebius@freebsd.org" =
class=3D"">glebius@freebsd.org</a>&gt; wrote:</div><br =
class=3D"Apple-interchange-newline"><div class=3D""><div class=3D""> =
&nbsp;Zhenlei,<br class=3D""><br class=3D"">a couple concise assignments =
missed:<br class=3D""><br class=3D"">Z&gt; @@ -1876,15 +1871,15 @@ =
kern_jail_set(struct thread *td, struct uio *optuio, int flags)<br =
class=3D"">Z&gt; &nbsp;<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>continue;<br class=3D"">Z&gt; =
&nbsp;<span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span>}<br class=3D"">Z&gt; &nbsp;#endif<br class=3D"">Z&gt; -<span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>if =
(prison_ip_restrict(tpr, PR_INET, NULL)) {<br class=3D"">Z&gt; -<span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>redo_ip4 =
=3D 1;<br class=3D"">Z&gt; +<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>if (!prison_ip_restrict(tpr, =
PR_INET, NULL)) {<br class=3D"">Z&gt; +<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>redo_ip4 =3D true;<br =
class=3D"">Z&gt; &nbsp;<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>descend =3D 0;<br class=3D"">Z&gt; =
&nbsp;<span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span>}<br class=3D"">Z&gt; &nbsp;<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>}<br class=3D"">Z&gt; &nbsp;<span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>}<br =
class=3D""><br class=3D""><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>redo_ip4 =3D =
!prison_ip_restrict(tpr, PR_INET, NULL);<br =
class=3D""></div></div></blockquote><div><br class=3D""></div><div>I =
think that is wrong, as `prison_ip_restrict` is called in loop =
round.</div><div>`redo_ip4` might flip to false on next =
round.</div><div><br class=3D""></div><div>So the previous logic is =
right.</div><div><br class=3D""></div><div><span style=3D"caret-color: =
rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: Menlo-Regular;" =
class=3D"">&gt; +</span>&nbsp; &nbsp;&nbsp;<span style=3D"caret-color: =
rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: Menlo-Regular;" =
class=3D"">redo_ip4 =3D !prison_ip_restrict(tpr, PR_INET, =
&amp;ip4);</span></div><div><span style=3D"caret-color: rgb(0, 0, 0); =
color: rgb(0, 0, 0); font-family: Menlo-Regular;" class=3D""><br =
class=3D""></span></div><div><font color=3D"#000000" =
face=3D"Menlo-Regular" class=3D""><span style=3D"caret-color: rgb(0, 0, =
0);" class=3D"">Should be `redo_ip4 |=3D&nbsp;</span></font><span =
style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: =
Menlo-Regular;" class=3D"">!prison_ip_restrict(tpr, PR_INET, =
&amp;ip4);`</span></div><div><br class=3D""></div><div><span =
style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: =
Menlo-Regular;" class=3D""><br class=3D""></span></div><br =
class=3D""><blockquote type=3D"cite" class=3D""><div class=3D""><div =
class=3D""><br class=3D"">Z&gt; @@ -1896,8 +1891,8 @@ =
kern_jail_set(struct thread *td, struct uio *optuio, int flags)<br =
class=3D"">Z&gt; &nbsp;<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>continue;<br class=3D"">Z&gt; =
&nbsp;<span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span>}<br class=3D"">Z&gt; &nbsp;#endif<br class=3D"">Z&gt; -<span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>if =
(prison_ip_restrict(tpr, PR_INET6, NULL)) {<br class=3D"">Z&gt; -<span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span><span =
class=3D"Apple-tab-span" style=3D"white-space:pre">	</span>redo_ip6 =
=3D 1;<br class=3D"">Z&gt; +<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>if (!prison_ip_restrict(tpr, =
PR_INET6, NULL)) {<br class=3D"">Z&gt; +<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>redo_ip6 =3D true;<br =
class=3D"">Z&gt; &nbsp;<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>descend =3D 0;<br class=3D"">Z&gt; =
&nbsp;<span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span>}<br class=3D"">Z&gt; &nbsp;<span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span><span class=3D"Apple-tab-span" =
style=3D"white-space:pre">	</span>}<br class=3D""><br =
class=3D""><span class=3D"Apple-tab-span" style=3D"white-space:pre">	=
</span>redo_ip6 =3D !prison_ip_restrict(tpr, PR_INET6, NULL);<br =
class=3D""><br class=3D"">-- <br class=3D"">Gleb Smirnoff<br =
class=3D""></div></div></blockquote><br class=3D""></div><div><br =
class=3D""></div><div>PS, the logic redo_ip4 / redo_ip6 under low memory =
pressure can be optimized and I'll do that later.</div><br class=3D""><div=
 class=3D"">
<div>Best regards,</div><div>Zhenlei</div>

</div>
<br class=3D""></body></html>=

--Apple-Mail=_281FF14D-CED0-49A3-816F-155DC72D3787--