Date: Wed, 07 Jun 2006 22:35:07 +0800
From: Julian Elischer <julian@elischer.org>
To: John Baldwin <jhb@freebsd.org>
Cc: Alex Lyashkov <shadow@psoft.net>, Robert Watson <rwatson@freebsd.org>, freebsd-arch@freebsd.org
Subject: Re: jail extensions
Message-ID: <4486E41B.4000003@elischer.org>
In-Reply-To: <200606070819.04301.jhb@freebsd.org>
References: <1149610678.4074.42.camel@berloga.shadowland> <448633F2.7030902@elischer.org> <20060607095824.W53690@fledge.watson.org> <200606070819.04301.jhb@freebsd.org>
John Baldwin wrote:
> On Wednesday 07 June 2006 04:59, Robert Watson wrote:
>> On Wed, 7 Jun 2006, Julian Elischer wrote:
>>>> I'd like to clarify Alex's point a bit: he wants to know his work is
>>>> acceptable by the project and could be merged. It's obvious it's almost
>>>> impossible to maintain that outside of the tree.
>>>
>>> I'd like to see him merge his project with Marco's. If so then I'd be more
>>> than happy to see this stuff come in once it reaches a certain level of
>>> maturity.
>>>
>>> Marco and I have been going over some possible macros that could be used to
>>> help with a lot of this and if the macros were used then some of the changes
>>> could come in quite early as they would compile out to NOPs for anyone not
>>> using the changes. (and provide an easy target for removal if it eventually
>>> doesn't complete).
>>
>> FYI, Marko was at the FreeBSD developer summit at BSDCan, and has expressed
>> the intent of updating his patches to 6.x/HEAD, so I think there's definitely
>> room for collaboration here.
>
> What did you think about Alex's idea of a 'prison0' for all "non-jailed"
> processes so that lots of things can move into 'struct prison' and not
> require as much special casing (though then there would be a different set of
> special cases I guess as prison0 would be the only prison that could create
> child prisons, etc.?)

Marco's work is somewhat similar. All globals related to the network are moved to structures that can be duplicated. The base system also uses this structure so that in effect the base system is just another instance of the virtual machines.

The biggest obstacle is that the 4.x based version just put everything into one structure, meaning that it only worked when all the components affected were compiled into the kernel. None of them could be implemented as a loadable kernel module. This has become much more important in 6.x.

There is a way to allow this to work but it would require that we implement a kernel version of the idea used for TLS (Thread Local Storage), so that modules being loaded could be added to all the existing VMs and new VMs could get instances of all loaded modules (and so that a module could not be unloaded until all VMs have destroyed their instance of the related object).
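The kernel-TLS-style registry sketched in the message above, as an added user-space illustration that is not FreeBSD or Marko's code (vmod_register, vm_create, vm_destroy and the counter module are all hypothetical names): loading a module instantiates it in every existing VM, a new VM receives every module loaded so far, and unloading is refused while any VM still holds an instance.

```c
/* Added illustration, not FreeBSD code: a kernel-TLS-style registry where every VM owns a private instance of each loaded module. All names are hypothetical. */
#include <stdlib.h>
#define MAX_MODS 4
#define MAX_VMS  4
struct vmod {                    /* one loaded module */
    void *(*ctor)(void);         /* allocates per-VM state; NULL means the slot is free */
    void  (*dtor)(void *);       /* releases per-VM state */
    int    refs;                 /* live instances across all VMs */
};
struct vm { int used; void *inst[MAX_MODS]; };  /* inst[i] is this VM's copy of module i */
static struct vmod mods[MAX_MODS];
static struct vm   vms[MAX_VMS];
/* Load a module: every VM that already exists gets an instance immediately. */
int vmod_register(void *(*ctor)(void), void (*dtor)(void *)) {
    int i = 0;
    while (i < MAX_MODS && mods[i].ctor) i++;
    if (i == MAX_MODS) return -1;
    mods[i].ctor = ctor; mods[i].dtor = dtor; mods[i].refs = 0;
    for (int v = 0; v < MAX_VMS; v++)
        if (vms[v].used && (vms[v].inst[i] = ctor()) != NULL) mods[i].refs++;
    return i;
}
/* Unload a module: refused with -2 while any VM still holds its instance. */
int vmod_unregister(int id) {
    if (id < 0 || id >= MAX_MODS || !mods[id].ctor) return -1;
    if (mods[id].refs > 0) return -2;
    mods[id].ctor = NULL;
    return 0;
}
/* Create a VM: it receives an instance of every module loaded so far. */
int vm_create(void) {
    int v = 0;
    while (v < MAX_VMS && vms[v].used) v++;
    if (v == MAX_VMS) return -1;
    vms[v].used = 1;
    for (int i = 0; i < MAX_MODS; i++)
        if (mods[i].ctor && (vms[v].inst[i] = mods[i].ctor()) != NULL) mods[i].refs++;
    return v;
}
/* Destroy a VM: free its instances, releasing each module's reference. */
int vm_destroy(int v) {
    if (v < 0 || v >= MAX_VMS || !vms[v].used) return -1;
    for (int i = 0; i < MAX_MODS; i++)
        if (vms[v].inst[i]) { mods[i].dtor(vms[v].inst[i]); vms[v].inst[i] = NULL; mods[i].refs--; }
    vms[v].used = 0;
    return 0;
}
/* Constructed sample module whose per-VM state is a single counter; free() serves as its dtor. */
void *ctr_ctor(void) { return calloc(1, sizeof(int)); }
int vmod_refs(int id) { return (id < 0 || id >= MAX_MODS) ? -1 : mods[id].refs; }
```

The refcount is what makes the unload-while-in-use case safe: vmod_unregister() returns -2 until every VM that received an instance has been destroyed.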