jail extensions

Julian Elischer julian at elischer.org
Wed Jun 7 10:07:04 PDT 2006


John Baldwin wrote:

>On Wednesday 07 June 2006 04:59, Robert Watson wrote:
>>On Wed, 7 Jun 2006, Julian Elischer wrote:
>>
>>>>I'd like to clarify Alex's point a bit: he wants to know his work is
>>>>acceptable by the project and could be merged.  It's obvious it's almost
>>>>impossible to maintain that outside of the tree.
>>>>
>>>I'd like to see him merge his project with Marco's. If so then I'd be more
>>>than happy to see this stuff come in once it reaches a certain level of
>>>maturity.
>>>
>>>Marco and I have been going over some possible macros that could be used to
>>>help with a lot of this and if the macros were used then some of the changes
>>>could come in quite early as they would compile out to NOPs for anyone not
>>>using the changes. (and provide an easy target for removal if it eventually
>>>doesn't complete).
>>>
>>FYI, Marko was at the FreeBSD developer summit at BSDCan, and has expressed
>>the intent of updating his patches to 6.x/HEAD, so I think there's definitely
>>room for collaboration here.
>>
>
>What did you think about Alex's idea of a 'prison0' for all "non-jailed"
>processes so that lots of things can move into 'struct prison' and not
>require as much special casing (though then there would be a different set of
>special cases I guess as prison0 would be the only prison that could create
>child prisons, etc.?)
>


Marco's work is somewhat similar.
All globals related to the network are moved to structures that can be
duplicated.

The base system also uses this structure so that in effect the base
system is just another instance of the virtual machines. The biggest
obstacle is that the 4.x based version just put everything into one
structure, meaning that it only worked when all the components affected
were compiled into the kernel. None of them could be implemented as a
loadable kernel module.
This has become much more important in 6.x.

There is a way to allow this to work but it would require that we
implement a kernel version of the idea used for TLS (Thread Local
Storage), so that modules being loaded could be added to all the
existing VMs and new VMs could get instances of all loaded modules.
(and so that a module could not be unloaded until all VMs have destroyed
their instance of the related object.)
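
A userland model of the TLS-style bookkeeping described in the message above, added here as an illustration; it is not part of the original message and not FreeBSD code. All names (`mod_load`, `vm_create`, `vm_release`, and so on) are hypothetical, the tables are fixed-size, `calloc` stands in for kernel allocation, and locking is omitted.

```c
#include <errno.h>
#include <stdlib.h>

enum { MAX_MODS = 4, MAX_VMS = 4 };     /* fixed tables keep the model short */
/* refs counts the per-VM copies of a module's state that still exist. */
static struct mod { int loaded; size_t size; int refs; } mods[MAX_MODS];
/* slot[m] is this VM's private copy of module m's former globals. */
static struct vm { int used; void *slot[MAX_MODS]; } vms[MAX_VMS];

static int attach(int v, int m) {       /* give VM v a zeroed copy for module m */
    void *p = calloc(1, mods[m].size);
    if (p == NULL) return -ENOMEM;
    vms[v].slot[m] = p; mods[m].refs++;
    return 0;
}
void vm_release(int v, int m) {         /* VM v destroys its instance of module m */
    if (vms[v].slot[m]) { free(vms[v].slot[m]); vms[v].slot[m] = NULL; mods[m].refs--; }
}
void vm_destroy(int v) {
    for (int m = 0; m < MAX_MODS; m++) vm_release(v, m);
    vms[v].used = 0;
}
int mod_unload(int m) {                 /* refused while any VM still has an instance */
    if (!mods[m].loaded) return -ENOENT;
    if (mods[m].refs > 0) return -EBUSY;
    mods[m].loaded = 0;
    return 0;
}
int mod_load(size_t size) {             /* a loaded module is added to all existing VMs */
    int m = 0;
    while (m < MAX_MODS && mods[m].loaded) m++;
    if (m == MAX_MODS) return -ENOSPC;
    mods[m] = (struct mod){ 1, size, 0 };
    for (int v = 0; v < MAX_VMS; v++)
        if (vms[v].used && attach(v, m) != 0) {     /* roll back on failure */
            for (int u = 0; u < MAX_VMS; u++) vm_release(u, m);
            mods[m].loaded = 0;
            return -ENOMEM;
        }
    return m;
}
int vm_create(void) {                   /* a new VM gets instances of all loaded modules */
    int v = 0;
    while (v < MAX_VMS && vms[v].used) v++;
    if (v == MAX_VMS) return -ENOSPC;
    vms[v].used = 1;
    for (int m = 0; m < MAX_MODS; m++)
        if (mods[m].loaded && attach(v, m) != 0) { vm_destroy(v); return -ENOMEM; }
    return v;
}
```

The first VM created plays the role of the base system, which in this model is just another instance holding its own copy of each module's state.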




More information about the freebsd-arch mailing list