From: James Gritton
Date: Fri, 18 May 2018 10:49:15 -0600
To: freebsd-jail@freebsd.org
Cc: freebsd-hackers@freebsd.org, Fabian Freyer
Subject: Re: sizeof jail parameter value strings

[Sorry about bad headers and formatting - I took this off the archive page]

"Fabian Freyer" wrote:

> From jail(3):
>
>> The jail_getv() function takes a null-terminated list of name and value
>> strings, and passes it to jail_get(2). It is the caller's responsibility
>> to ensure that the value strings point to buffers large enough to hold
>> the string representation of the returned parameters.
>
> What exactly does "large enough" mean here? Is there a way to query the
> size of the corresponding kernel buffers at runtime? Is there a maximum
> length a la MAX_JAIL_PARAM_LEN that the string representations of the
> returned parameters are guaranteed to be shorter than?
>
> I'm currently implementing a rust wrapper[1] around the jail(2) interface,
> and am not sure how large buffers for the string parameters I'm querying
> with jail_get jail_set have to be.

There is a way to find the length of a string parameter, though there isn't a good library interface for it. The security.jail.param.* sysctls describe the form of the parameters, giving the type. The "contents" of these sysctls are generally unused (and set to zero), but for string parameters there's actually the max length of the string (itself in string form).

For non-string parameters, the length in string form depends on the type of the parameters, so for an int you'll need as long as the string representation of an int can be, etc. I don't know how much good C code will do for you for Rust work, but you might want to take a look at jailparam_type() in the libjail source code.

It gets more complicated with array parameters, those that can hold an arbitrary number of values. The IP addresses are the best example of that. jail_getv() just isn't a good fit for such a parameter.

I would recommend skipping out on jail_getv(), which is really only good for getting a few well-known parameters, and instead use the more complete but more complex jailparam_init/get/export/free. Again, if C helps, take a glance at the jls source.

- Jamie
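
Added example, not part of the original message and not libjail code: a C sketch of the sizing rule described in the reply, reading a string parameter's maximum length from its security.jail.param.* sysctl and bounding the string form of an int. The helper names and the choice of host.hostname are assumptions made for illustration; the sysctl read is compiled only on FreeBSD, and elsewhere a constructed sample value is parsed.

```c
/* Added example: size jail_getv() value buffers; helper names are hypothetical. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef __FreeBSD__
#include <sys/types.h>
#include <sys/sysctl.h>
#endif

/* Sysctl contents of a string parameter: its max length as a decimal string.
 * Returns 0 for anything else (other parameters' contents are set to zero). */
size_t param_maxlen(const char *contents, size_t len)
{
    char tmp[32], *end;
    unsigned long v;

    if (contents == NULL || len == 0 || len >= sizeof(tmp)) return 0;
    memcpy(tmp, contents, len);
    tmp[len] = '\0';
    if (tmp[0] < '0' || tmp[0] > '9') return 0;  /* "", "-1", binary zero */
    errno = 0;
    v = strtoul(tmp, &end, 10);
    return (errno != 0 || *end != '\0') ? 0 : (size_t)v;
}

/* Upper bound on an int in string form: sign, digits, terminating NUL. */
size_t int_value_buflen(void) { return sizeof(int) * CHAR_BIT / 3 + 3; }

#ifdef __FreeBSD__
/* Reads security.jail.param.<param>; 0 means "not a string parameter". */
size_t query_param_maxlen(const char *param)
{
    char name[256], buf[32];
    size_t len = sizeof(buf);

    snprintf(name, sizeof(name), "security.jail.param.%s", param);
    if (sysctlbyname(name, buf, &len, NULL, 0) != 0) return 0;
    return param_maxlen(buf, len);
}
#endif

int main(void)
{
    size_t max = param_maxlen("256", 4);        /* constructed sample contents */
#ifdef __FreeBSD__
    max = query_param_maxlen("host.hostname");  /* parameter chosen for illustration */
#endif
    /* +1 is a conservative allowance for the terminator (an assumption). */
    printf("string buffer: %zu, int buffer: %zu\n", max + 1, int_value_buflen());
    return 0;
}
```

A return of 0 from the lookup means the parameter is not a string, so the buffer has to be sized by type instead; array parameters such as the IP address lists are outside what this sketch covers.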