svn commit: r235291 - head/lib/libjail

Fri May 11 21:22:53 UTC 2012

Author: jamie
Date: Fri May 11 21:22:52 2012
New Revision: 235291
URL: http://svn.freebsd.org/changeset/base/235291

Log:
  The linker isn't consistent in the ordering of dynamic sysctls, so don't
  assume that the unnamed final component of "security.jail.param.foo." is
  one less than the "foo" component.  It might be one greater instead.

Modified:
  head/lib/libjail/jail.c

Modified: head/lib/libjail/jail.c
==============================================================================

--- head/lib/libjail/jail.c	Fri May 11 21:13:43 2012	(r235290)
+++ head/lib/libjail/jail.c	Fri May 11 21:22:52 2012	(r235291)
@@ -855,7 +855,7 @@ jailparam_type(struct jailparam *jp)
 {
 	char *p, *nname;
 	size_t miblen, desclen;
-	int isarray;
+	int i, isarray;
 	struct {
 	    int i;
 	    char s[MAXPATHLEN];
@@ -977,21 +977,33 @@ jailparam_type(struct jailparam *jp)
 		}
 		break;
 	case CTLTYPE_NODE:
-		/* A node might be described by an empty-named child. */
+		/*
+		 * A node might be described by an empty-named child,
+		 * which would be immediately before or after the node itself.
+		 */
 		mib[1] = 1;
-		mib[(miblen / sizeof(int)) + 2] =
-		    mib[(miblen / sizeof(int)) + 1] - 1;
 		miblen += sizeof(int);
-		desclen = sizeof(desc.s);
-		if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s, &desclen,
-		    NULL, 0) < 0) {
-			snprintf(jail_errmsg, JAIL_ERRMSGLEN,
-			    "sysctl(0.1): %s", strerror(errno));
-			return (-1);
+		for (i = -1; i <= 1; i += 2) {
+			mib[(miblen / sizeof(int)) + 1] =
+			    mib[(miblen / sizeof(int))] + i;
+			desclen = sizeof(desc.s);
+			if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s,
+			    &desclen, NULL, 0) < 0) {
+				if (errno == ENOENT)
+					continue;
+				snprintf(jail_errmsg, JAIL_ERRMSGLEN,
+				    "sysctl(0.1): %s", strerror(errno));
+				return (-1);
+			}
+			if (desclen ==
+			    sizeof(SJPARAM) + strlen(jp->jp_name) + 2 &&
+			    memcmp(SJPARAM ".", desc.s, sizeof(SJPARAM)) == 0 &&
+			    memcmp(jp->jp_name, desc.s + sizeof(SJPARAM),
+			    desclen - sizeof(SJPARAM) - 2) == 0 &&
+			    desc.s[desclen - 2] == '.')
+				goto mib_desc;
 		}
-		if (desc.s[desclen - 2] != '.')
-			goto unknown_parameter;
-		goto mib_desc;
+		goto unknown_parameter;
 	default:
 		snprintf(jail_errmsg, JAIL_ERRMSGLEN,
 		    "unknown type for %s", jp->jp_name);
