Date: Fri, 29 Jul 2011 22:01:46 +0200 From: Martin Matuska <mm@FreeBSD.org> To: freebsd-current@FreeBSD.org Subject: [PATCH] Updated jail mount/unmount patch Message-ID: <4E3311AA.9080006@FreeBSD.org> In-Reply-To: <4E317951.40601@FreeBSD.org> References: <4E317951.40601@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------030307010502070904020200 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit After implementing a suggestion from pjd@, a new version of the patch is attached, now using a more universal solution - vn_fullpath_global() in the mount part. Dňa 28. 7. 2011 16:59, Martin Matuska wrote / napísal(a): > Please review my attached patch. > > The patch fixes f_mntonname with mount/unmount inside a jail with allow.mount enabled. > Filesystems mountable in a jail require the VFCF_JAIL flag (currently only ZFS). > > With this patch, mount and unmount works both with enforce_statfs = 0 and enforce_statfs = 1. > I suggest disabling mount/unmount for jails with enforce_statfs = 2, as this is contradictory and does not play well with or without this patch. > > I have successfully tested this patch with ZFS, nullfs and tmpfs. > > To enable nullfs for a jail, you have to modify tmpfs/tmpfs_vfsops.c and recompile the tmpfs module: > -VFS_SET(tmpfs_vfsops, tmpfs, 0); > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); > > To enable tmpfs for a jail, you have to modify nullfs/null_vfsops.c and recompile the nullfs module: > -VFS_SET(null_vfsops, nullfs, VFCF_LOOPBACK); > +VFS_SET(null_vfsops, nullfs, VFCF_LOOPBACK | VFCF_JAIL); > > The filesystems can be successfully mounted/unmounted inside a jail and also unmounted from the parent host without problems. > > The mount inside jail, a jail needs allow.mount=1 and enforce.statfs=0 or enforce.statfs=1, for more information see jail(8) > I assume other filesystem not dealing with devices may work correctly with this patch, too (e.g. nfs). > > With jailed nullfs we can run tinderbox in a jail ;) > > Please review, comment and/or test my attached patch. > > Cheers, > mm -- Martin Matuska FreeBSD committer http://blog.vx.sk --------------030307010502070904020200 Content-Type: text/plain; name="jail_mount.patch" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="jail_mount.patch" SW5kZXg6IHN5cy9rZXJuL2tlcm5famFpbC5jCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIHN5cy9rZXJu L2tlcm5famFpbC5jCShyZXZpc2lvbiAyMjQ0NzEpCisrKyBzeXMva2Vybi9rZXJuX2phaWwu Ywkod29ya2luZyBjb3B5KQpAQCAtMzg1OCw3ICszODU4LDggQEAKIAljYXNlIFBSSVZfVkZT X1VOTU9VTlQ6CiAJY2FzZSBQUklWX1ZGU19NT1VOVF9OT05VU0VSOgogCWNhc2UgUFJJVl9W RlNfTU9VTlRfT1dORVI6Ci0JCWlmIChjcmVkLT5jcl9wcmlzb24tPnByX2FsbG93ICYgUFJf QUxMT1dfTU9VTlQpCisJCWlmIChjcmVkLT5jcl9wcmlzb24tPnByX2FsbG93ICYgUFJfQUxM T1dfTU9VTlQgJiYKKwkJCWNyZWQtPmNyX3ByaXNvbi0+cHJfZW5mb3JjZV9zdGF0ZnMgIT0g MikKIAkJCXJldHVybiAoMCk7CiAJCWVsc2UKIAkJCXJldHVybiAoRVBFUk0pOwpJbmRleDog c3lzL2tlcm4vdmZzX21vdW50LmMKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gc3lzL2tlcm4vdmZzX21v dW50LmMJKHJldmlzaW9uIDIyNDQ3MSkKKysrIHN5cy9rZXJuL3Zmc19tb3VudC5jCSh3b3Jr aW5nIGNvcHkpCkBAIC03NDUsNyArNzQ1LDYgQEAKIHZmc19kb21vdW50X2ZpcnN0KAogCXN0 cnVjdCB0aHJlYWQgKnRkLAkJLyogQ2FsbGluZyB0aHJlYWQuICovCiAJc3RydWN0IHZmc2Nv bmYgKnZmc3AsCQkvKiBGaWxlIHN5c3RlbSB0eXBlLiAqLwotCWNoYXIgKmZzcGF0aCwJCQkv KiBNb3VudCBwYXRoLiAqLwogCXN0cnVjdCB2bm9kZSAqdnAsCQkvKiBWbm9kZSB0byBiZSBj b3ZlcmVkLiAqLwogCWludCBmc2ZsYWdzLAkJCS8qIEZsYWdzIGNvbW1vbiB0byBhbGwgZmls ZXN5c3RlbXMuICovCiAJc3RydWN0IHZmc29wdGxpc3QgKipvcHRsaXN0CS8qIE9wdGlvbnMg bG9jYWwgdG8gdGhlIGZpbGVzeXN0ZW0uICovCkBAIC03NTUsMTEgKzc1NCwyMyBAQAogCXN0 cnVjdCBtb3VudCAqbXA7CiAJc3RydWN0IHZub2RlICpuZXdkcDsKIAlpbnQgZXJyb3I7CisJ Y2hhciAqZnNwYXRoLCAqZmJ1ZjsKIAogCW10eF9hc3NlcnQoJkdpYW50LCBNQV9PV05FRCk7 CiAJQVNTRVJUX1ZPUF9FTE9DS0VEKHZwLCBfX2Z1bmNfXyk7CiAJS0FTU0VSVCgoZnNmbGFn cyAmIE1OVF9VUERBVEUpID09IDAsICgiTU5UX1VQREFURSBzaG91bGRuJ3QgYmUgaGVyZSIp KTsKIAorCS8qIENvbnN0cnVjdCBnbG9iYWwgZmlsZXN5c3RlbSBwYXRoIGZyb20gdnAgKi8K KwllcnJvciA9IHZuX2Z1bGxwYXRoX2dsb2JhbCh0ZCwgdnAsICZmc3BhdGgsICZmYnVmKTsK KwlpZiAoZXJyb3IgPT0gMCAmJiBzdHJsZW4oZnNwYXRoKSA+PSBNTkFNRUxFTikKKwkJZXJy b3IgPSBFTkFNRVRPT0xPTkc7CisJaWYgKGVycm9yICE9IDApIHsKKwkJdnB1dCh2cCk7CisJ CWlmIChmYnVmICE9IE5VTEwpCisJCQlmcmVlKGZidWYsIE1fVEVNUCk7CisJCXJldHVybihl cnJvcik7CisJfQorCiAJLyoKIAkgKiBJZiB0aGUgdXNlciBpcyBub3Qgcm9vdCwgZW5zdXJl IHRoYXQgdGhleSBvd24gdGhlIGRpcmVjdG9yeQogCSAqIG9udG8gd2hpY2ggd2UgYXJlIGF0 dGVtcHRpbmcgdG8gbW91bnQuCkBAIC03ODEsMTIgKzc5MiwxNCBAQAogCX0KIAlpZiAoZXJy b3IgIT0gMCkgewogCQl2cHV0KHZwKTsKKwkJZnJlZShmYnVmLCBNX1RFTVApOwogCQlyZXR1 cm4gKGVycm9yKTsKIAl9CiAJVk9QX1VOTE9DSyh2cCwgMCk7CiAKIAkvKiBBbGxvY2F0ZSBh bmQgaW5pdGlhbGl6ZSB0aGUgZmlsZXN5c3RlbS4gKi8KIAltcCA9IHZmc19tb3VudF9hbGxv Yyh2cCwgdmZzcCwgZnNwYXRoLCB0ZC0+dGRfdWNyZWQpOworCWZyZWUoZmJ1ZiwgTV9URU1Q KTsKIAkvKiBYWFhNQUM6IHBhc3MgdG8gdmZzX21vdW50X2FsbG9jPyAqLwogCW1wLT5tbnRf b3B0bmV3ID0gKm9wdGxpc3Q7CiAJLyogU2V0IHRoZSBtb3VudCBsZXZlbCBmbGFncy4gKi8K QEAgLTEwNzAsNyArMTA4Myw3IEBACiAJTkRGUkVFKCZuZCwgTkRGX09OTFlfUE5CVUYpOwog CXZwID0gbmQubmlfdnA7CiAJaWYgKChmc2ZsYWdzICYgTU5UX1VQREFURSkgPT0gMCkgewot CQllcnJvciA9IHZmc19kb21vdW50X2ZpcnN0KHRkLCB2ZnNwLCBmc3BhdGgsIHZwLCBmc2Zs YWdzLAorCQllcnJvciA9IHZmc19kb21vdW50X2ZpcnN0KHRkLCB2ZnNwLCB2cCwgZnNmbGFn cywKIAkJICAgIG9wdGxpc3QpOwogCX0gZWxzZSB7CiAJCWVycm9yID0gdmZzX2RvbW91bnRf dXBkYXRlKHRkLCB2cCwgZnNmbGFncywgb3B0bGlzdCk7CkBAIC0xMTA1LDcgKzExMTgsNyBA QAogCX0gKi8gKnVhcDsKIHsKIAlzdHJ1Y3QgbW91bnQgKm1wOwotCWNoYXIgKnBhdGhidWY7 CisJY2hhciAqcGF0aGJ1ZiwgKnJwYXRoYnVmOwogCWludCBlcnJvciwgaWQwLCBpZDE7CiAK IAlBVURJVF9BUkdfVkFMVUUodWFwLT5mbGFncyk7CkBAIC0xMTQwLDEyICsxMTUzLDI3IEBA CiAJCW10eF91bmxvY2soJm1vdW50bGlzdF9tdHgpOwogCX0gZWxzZSB7CiAJCUFVRElUX0FS R19VUEFUSDEodGQsIHBhdGhidWYpOworCQkvKgorCQkgKiBJZiB3ZSBhcmUgamFpbGVkIGFu ZCBlbmZvcmNlX3N0YXRmcz0xCisJCSAqIGNvbnN0cnVjdCByZWFsIGZpbGVzeXN0ZW0gcGF0 aAorCQkgKi8KKwkJcnBhdGhidWYgPSBtYWxsb2MoTU5BTUVMRU4sIE1fVEVNUCwgTV9XQUlU T0spOworCQlpZiAoamFpbGVkKHRkLT50ZF91Y3JlZCkgJiYKKwkJICAgIHRkLT50ZF91Y3Jl ZC0+Y3JfcHJpc29uLT5wcl9lbmZvcmNlX3N0YXRmcyA9PSAxICYmCisJCSAgICBzdHJjbXAo dGQtPnRkX3VjcmVkLT5jcl9wcmlzb24tPnByX3BhdGgsICIvIikgIT0gMCkgeworCQkJc3Ry bGNweShycGF0aGJ1ZiwgdGQtPnRkX3VjcmVkLT5jcl9wcmlzb24tPnByX3BhdGgsCisJCQkg ICAgTU5BTUVMRU4pOworCQkJc3RybGNhdChycGF0aGJ1ZiwgcGF0aGJ1ZiwgTU5BTUVMRU4p OworCQl9IGVsc2UgeworCQkJc3RybGNweShycGF0aGJ1ZiwgcGF0aGJ1ZiwgTU5BTUVMRU4p OworCQl9CiAJCW10eF9sb2NrKCZtb3VudGxpc3RfbXR4KTsKIAkJVEFJTFFfRk9SRUFDSF9S RVZFUlNFKG1wLCAmbW91bnRsaXN0LCBtbnRsaXN0LCBtbnRfbGlzdCkgewotCQkJaWYgKHN0 cmNtcChtcC0+bW50X3N0YXQuZl9tbnRvbm5hbWUsIHBhdGhidWYpID09IDApCisJCQlpZiAo c3RyY21wKG1wLT5tbnRfc3RhdC5mX21udG9ubmFtZSwgcnBhdGhidWYpID09IDApCiAJCQkJ YnJlYWs7CiAJCX0KIAkJbXR4X3VubG9jaygmbW91bnRsaXN0X210eCk7CisJCWZyZWUocnBh dGhidWYsIE1fVEVNUCk7CiAJfQogCWZyZWUocGF0aGJ1ZiwgTV9URU1QKTsKIAlpZiAobXAg PT0gTlVMTCkgewo= --------------030307010502070904020200--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E3311AA.9080006>