From nobody Tue Feb 3 04:38:07 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4f4rMN3ktFz6R4xk for ; Tue, 03 Feb 2026 04:38:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4f4rMN15rDz3sNk for ; Tue, 03 Feb 2026 04:38:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1770093488; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tcLDD1glXsGkRz/1yTrb6eBDDveTcdENtBl21HU97nw=; b=PAzBPDO1lRHyB21i5VAIv8ez3YZdBAd7qQ1w1i3P+mhN1SZJnbq/L7llGjO3d8+CYdGMUz CcIBOoHeQPDcIDqdDRJU8UunbyiGYlmpE+RqNdOHSLPay8ytEdKxTBnkdBBXJOvbTiOVw3 CBzi1hxkgvhdE/fBy7c4ia3uDjP3JBtnYZLVWCicg4Rzsp9WMhdpZK53tzlFzZKogl6n09 cbezO3xaNx0JGprlbbzHQAjcLPKeFH+iNDvsnPm2gimQ7+lgngycDcTYhvfwgSpBtZyWqt gUSHxi6eobAFVSITyKdeKBjkGR7IujdNU0dBH3kfaYyCRCDwAKU/kAKhYvJU0g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1770093488; a=rsa-sha256; cv=none; b=Gc8AUQ4jXPehea5v+JXOxafgnCO5sa5FwtgAktP9DptUKpmrVGE/vtsQ7wdnoxs9gotOwe 6ZJsEygRQr8ZmYzmdpAz7wWzWced9gLHjqg0cCJhf5qzcbp4/OwVBbBfQ7fvcucODZKb2G VisAsnj4MzYSGdUEjGv3fVcr2bMB7vR6Tcsn2XHeJ3OVGQ4bkTQAtnas83zgK9HzkUhekt hejg9Ggijz4F3cY7di4wx8rtVQYZxh8nBd7v0AUCtfDiuoVIL65jNV2sOiJvu214nlMaci 2OHHDZerHxzxJ/M2hex9HKQ9CORCNCEI3PF9EevsLMmsz1txRT+6wEIJ9h76kQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1770093488; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tcLDD1glXsGkRz/1yTrb6eBDDveTcdENtBl21HU97nw=; b=yvinY2abWUI2HYIm5eLwqEnqmeUW1PW/UX1ppQS8WoKDL+Y6sZvSOFYc1ugE6iDe0Rj3JC vkAZPfU4wlf6dERF7awKwxS/jZS5kJZE/ZY9NRY+3v1+Gvf5EZ8ZowmqQc5f5QvVa+YZIM 5fDvagHj5+X3bkZk1EEpSk/B65/w42XhK3hgsFC0/Gyrrt+5jwtxbK+e5FR+/W5p3wKQmz /L9KDFOVyzZ4yg6I4T6CfvCLpeTzpktuQcMrk5XMaIUE+ALoTR6FRCq7Y4VrwTapI1gNbE WY33d9UVzMhuixGesJ/eB9z9H1foDw+msjAmiIi1qvdDve8tR8+soC2n8hxBrw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4f4rMM6nwgzxYV for ; Tue, 03 Feb 2026 04:38:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 45d28 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 03 Feb 2026 04:38:07 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 56b9de5484bc - stable/14 - jail: separate "statically valid allow flags" from "prison0 allow flags" List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 56b9de5484bc035304290d83fb2dc92d55b98eb4 Auto-Submitted: auto-generated Date: Tue, 03 Feb 2026 04:38:07 +0000 Message-Id: <69817baf.45d28.45285012@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=56b9de5484bc035304290d83fb2dc92d55b98eb4 commit 56b9de5484bc035304290d83fb2dc92d55b98eb4 Author: Kyle Evans AuthorDate: 2026-02-03 04:37:23 +0000 Commit: Kyle Evans CommitDate: 2026-02-03 04:37:23 +0000 jail: separate "statically valid allow flags" from "prison0 allow flags" The current setup means that we can't add an allow flag in sys/jail.h that's disabled by default without removing it from the pr_flags assignment in kern_jail.c. That's technically fine, but I think it's better to make it more prevalent at the PR_ALLOW_* definition site so that it's top-of-mind when adding a new flag. This is a preparatory change for adding an allow flag that prison0 will also have disabled by default, but with an allow.* knob and sysctl to enable it. Reviewed by: jamie (cherry picked from commit 58c92776d1580717934e29ca2c0ef9bf2fbb7397) --- sys/kern/kern_jail.c | 5 ++++- sys/sys/jail.h | 8 ++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index 03a5eaabdf34..30b77090434e 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -117,8 +117,11 @@ struct prison prison0 = { #else .pr_flags = PR_HOST|_PR_IP_SADDRSEL, #endif - .pr_allow = PR_ALLOW_ALL_STATIC, + .pr_allow = PR_ALLOW_PRISON0, }; +_Static_assert((PR_ALLOW_PRISON0 & ~PR_ALLOW_ALL_STATIC) == 0, + "Bits enabled in PR_ALLOW_PRISON0 that are not statically reserved"); + MTX_SYSINIT(prison0, &prison0.pr_mtx, "jail mutex", MTX_DEF); struct bool_flags { diff --git a/sys/sys/jail.h b/sys/sys/jail.h index 0291d99ec5af..504dedc277df 100644 --- a/sys/sys/jail.h +++ b/sys/sys/jail.h @@ -257,7 +257,15 @@ struct prison_racct { #define PR_ALLOW_KMEM_ACCESS 0x00010000 /* reserved, not used yet */ #define PR_ALLOW_NFSD 0x00020000 #define PR_ALLOW_ROUTING 0x00040000 + +/* + * PR_ALLOW_PRISON0 are the allow flags that we apply by default to prison0, + * while PR_ALLOW_ALL_STATIC are all of the allow bits that we have allocated at + * build time. PR_ALLOW_ALL_STATIC should contain any bit above that we expect + * to be used on the system, while PR_ALLOW_PRISON0 will be some subset of that. + */ #define PR_ALLOW_ALL_STATIC 0x000787ff +#define PR_ALLOW_PRISON0 (PR_ALLOW_ALL_STATIC) /* * PR_ALLOW_DIFFERENCES determines which flags are able to be