Date: Fri, 5 Sep 2025 02:43:24 +0300
From: Konstantin Belousov <kostikbel@gmail.com>
To: Jamie Gritton <jamie@freebsd.org>
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject: Re: git: 851dc7f859c2 - main - jail: add jail descriptors
Message-ID: <aLokHDP-EMa1LR0D@kib.kiev.ua>
In-Reply-To: <202509042031.584KVpxY000408@gitrepo.freebsd.org>
On Thu, Sep 04, 2025 at 08:31:51PM +0000, Jamie Gritton wrote:
> The branch main has been updated by jamie:
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=851dc7f859c23cab09a348bca03ab655534fb7e0
>
> commit 851dc7f859c23cab09a348bca03ab655534fb7e0
> Author:     Jamie Gritton <jamie@FreeBSD.org>
> AuthorDate: 2025-09-04 20:27:47 +0000
> Commit:     Jamie Gritton <jamie@FreeBSD.org>
> CommitDate: 2025-09-04 20:27:47 +0000
>
>     jail: add jail descriptors
>
>     Similar to process descriptors, jail descriptors allow jail
>     administration using the file descriptor interface instead of JIDs.
>     They come from and can be used by jail_set(2) and jail_get(2),
>     and there are two new system calls, jail_attach_jd(2) and
>     jail_remove_jd(2).
>
>     Reviewed by:    bz, brooks

The code is from jaildesc_alloc():

	jd = malloc(sizeof(*jd), M_JAILDESC, M_WAITOK | M_ZERO);
	error = falloc_caps(td, &fp, fdp, 0, NULL);
	finit(fp, priv_check_cred(fp->f_cred, PRIV_JAIL_SET) == 0
	    ? FREAD | FWRITE : FREAD, DTYPE_JAILDESC, jd, &jaildesc_ops);
	    ^^^^^^^^^^^ '?' should be placed on the previous line
	if (error != 0) {
		free(jd, M_JAILDESC);
		return (error);
	}

If falloc_caps() returned an error, fp does not point to a valid file.
Then finit() operates on random memory.

Generated files should have been committed as a follow-up, not in the
same commit as written code.

jaildesc_find() returns EBADF when the passed file type is not DTYPE_JAIL.
Normally EBADF means that the object underlying the file is invalidated,
like a vnode is reclaimed, a tty is revoked, etc. For the wrong type,
EINVAL should be returned.

jaildesc_close() does
	finit(fp, 0, DTYPE_NONE, NULL, &badfileops);
that is not needed, same as cleaning f_data.

There are fo_chown/fo_chmod methods that are semantically applied to the
jail files, instead of the underlying object. This is quite strange,
files do not have a concept of owner.
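
The ordering problem raised above for jaildesc_alloc(), shown as an added userspace C model that is not FreeBSD kernel code and not part of the original message: the allocation result is checked before fp is read or initialized. The `*_model` functions and structs, the flag values and the `fail`/`privileged` parameters are stand-ins assumed for illustration.

```c
#include <errno.h>
#include <stdlib.h>
/* Userspace stand-ins (assumptions), not the kernel's struct file or flags. */
#define FREAD_MODEL  0x1
#define FWRITE_MODEL 0x2

struct file_model { int f_flag; void *f_data; int privileged; };
struct jaildesc_model { int unused; };

static int finit_calls, live_descs; /* inits done; descriptors not freed */
/* Like the failure case described above: on error *fpp is left untouched. */
static int falloc_model(struct file_model **fpp, int fail, int privileged)
{
    if (fail)
        return ENFILE;
    *fpp = calloc(1, sizeof(**fpp));
    if (*fpp == NULL)
        return ENOMEM;
    (*fpp)->privileged = privileged;
    return 0;
}

static void finit_model(struct file_model *fp, int flag, void *data)
{
    fp->f_flag = flag;
    fp->f_data = data;
    finit_calls++;
}

/* Check the allocation error first; only then read fp and initialize it. */
int jaildesc_alloc_model(struct file_model **fpp, int fail, int privileged)
{
    struct file_model *fp = NULL;
    struct jaildesc_model *jd = calloc(1, sizeof(*jd));
    int error;
    if (jd == NULL)
        return ENOMEM;
    live_descs++;
    error = falloc_model(&fp, fail, privileged);
    if (error != 0) {           /* fp is not valid here: undo and return */
        free(jd);
        live_descs--;
        return error;
    }
    finit_model(fp, fp->privileged ?
        FREAD_MODEL | FWRITE_MODEL : FREAD_MODEL, jd);
    *fpp = fp;
    return 0;
}
```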
