svn commit: r337922 - in head: lib/libc/gen lib/libc/sys share/man/man9 sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/freebsd32 sys/fs/nandfs sys/kern sys/sys sys/ufs/ufs
Jamie Gritton
jamie at FreeBSD.org
Thu Aug 16 18:40:23 UTC 2018
Author: jamie
Date: Thu Aug 16 18:40:16 2018
New Revision: 337922
URL: https://svnweb.freebsd.org/changeset/base/337922
Log:
Put jail(2) under COMPAT_FREEBSD11. It has been the "old" way of creating
jails since FreeBSD 7.
Along with the system call, put the various security.jail.allow_foo and
security.jail.foo_allowed sysctls partly under COMPAT_FREEBSD11 (or
BURN_BRIDGES). These sysctls had two disparate uses: on the system side,
they were global permissions for jails created via jail(2) which lacked
fine-grained permission controls; inside a jail, they're read-only
descriptions of what the current jail is allowed to do. The first use
is obsolete along with jail(2), but keep them for the second-read-only use.
Differential Revision: D14791
Modified:
head/lib/libc/gen/getvfsbyname.3
head/lib/libc/sys/jail.2
head/share/man/man9/VFS_SET.9
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
head/sys/compat/freebsd32/freebsd32_misc.c
head/sys/compat/freebsd32/freebsd32_proto.h
head/sys/compat/freebsd32/freebsd32_syscall.h
head/sys/compat/freebsd32/freebsd32_syscalls.c
head/sys/compat/freebsd32/freebsd32_sysent.c
head/sys/compat/freebsd32/freebsd32_systrace_args.c
head/sys/compat/freebsd32/syscalls.master
head/sys/fs/nandfs/nandfs_vnops.c
head/sys/kern/init_sysent.c
head/sys/kern/kern_jail.c
head/sys/kern/syscalls.c
head/sys/kern/syscalls.master
head/sys/kern/systrace_args.c
head/sys/sys/jail.h
head/sys/sys/syscall.h
head/sys/sys/syscall.mk
head/sys/sys/syscallsubr.h
head/sys/sys/sysproto.h
head/sys/ufs/ufs/ufs_vnops.c
Modified: head/lib/libc/gen/getvfsbyname.3
==============================================================================
--- head/lib/libc/gen/getvfsbyname.3 Thu Aug 16 18:37:47 2018 (r337921)
+++ head/lib/libc/gen/getvfsbyname.3 Thu Aug 16 18:40:16 2018 (r337922)
@@ -28,7 +28,7 @@
.\" @(#)kvm_getvfsbyname.3 8.3 (Berkeley) 5/4/95
.\" $FreeBSD$
.\"
-.Dd August 30, 2016
+.Dd August 16, 2018
.Dt GETVFSBYNAME 3
.Os
.Sh NAME
@@ -83,9 +83,10 @@ aliases some other mounted FS
stores file names as Unicode
.It Dv VFCF_JAIL
can be mounted from within a jail if
-.Va security.jail.mount_allowed
-sysctl is set to
-.Dv 1
+.Va allow.mount
+and
+.Va allow.mount.<vfc_name>
+jail parameters are set
.It Dv VFCF_DELEGADMIN
supports delegated administration if
.Va vfs.usermount
Modified: head/lib/libc/sys/jail.2
==============================================================================
--- head/lib/libc/sys/jail.2 Thu Aug 16 18:37:47 2018 (r337921)
+++ head/lib/libc/sys/jail.2 Thu Aug 16 18:40:16 2018 (r337922)
@@ -25,11 +25,10 @@
.\"
.\" $FreeBSD$
.\"
-.Dd February 8, 2012
+.Dd August 16, 2018
.Dt JAIL 2
.Os
.Sh NAME
-.Nm jail ,
.Nm jail_get ,
.Nm jail_set ,
.Nm jail_remove ,
@@ -41,8 +40,6 @@
.In sys/param.h
.In sys/jail.h
.Ft int
-.Fn jail "struct jail *jail"
-.Ft int
.Fn jail_attach "int jid"
.Ft int
.Fn jail_remove "int jid"
@@ -53,74 +50,7 @@
.Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
.Sh DESCRIPTION
The
-.Fn jail
-system call sets up a jail and locks the current process in it.
-.Pp
-The argument is a pointer to a structure describing the prison:
-.Bd -literal -offset indent
-struct jail {
- uint32_t version;
- char *path;
- char *hostname;
- char *jailname;
- unsigned int ip4s;
- unsigned int ip6s;
- struct in_addr *ip4;
- struct in6_addr *ip6;
-};
-.Ed
-.Pp
-.Dq Li version
-defines the version of the API in use.
-.Dv JAIL_API_VERSION
-is defined for the current version.
-.Pp
-The
-.Dq Li path
-pointer should be set to the directory which is to be the root of the
-prison.
-.Pp
-The
-.Dq Li hostname
-pointer can be set to the hostname of the prison.
-This can be changed
-from the inside of the prison.
-.Pp
-The
-.Dq Li jailname
-pointer is an optional name that can be assigned to the jail
-for example for management purposes.
-.Pp
-The
-.Dq Li ip4s
-and
-.Dq Li ip6s
-give the numbers of IPv4 and IPv6 addresses that will be passed
-via their respective pointers.
-.Pp
-The
-.Dq Li ip4
-and
-.Dq Li ip6
-pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to
-the prison, or NULL if none.
-IPv4 addresses must be in network byte order.
-.Pp
-This is equivalent to, and deprecated in favor of, the
.Fn jail_set
-system call (see below), with the parameters
-.Va path ,
-.Va host.hostname ,
-.Va name ,
-.Va ip4.addr ,
-and
-.Va ip6.addr ,
-and with the
-.Dv JAIL_ATTACH
-flag.
-.Pp
-The
-.Fn jail_set
system call creates a new jail, or modifies an existing one, and optionally
locks the current process in it.
Jail parameters are passed as an array of name-value pairs in the array
@@ -146,13 +76,19 @@ The current set of available parameters, and their for
retrieved via the
.Va security.jail.param
sysctl MIB entry.
-Notable parameters include those mentioned in the
-.Fn jail
-description above, as well as
+Notable parameters include
.Va jid
and
-.Va name ,
-which identify the jail being created or modified.
+.Va name
+which identify the jail being created or modified,
+.Va path
+(the root directory of the jail),
+.Va host.hostname
+(the hostname of the jail), and
+.Va ip4.addr
+and
+.Va ip6.addr
+(IP addresses to assign to the jail).
See
.Xr jail 8
for more information on the core jail parameters.
@@ -237,8 +173,7 @@ It will kill all processes belonging to the jail, and
of that jail.
.Sh RETURN VALUES
If successful,
-.Fn jail ,
-.Fn jail_set ,
+.Fn jail_set
and
.Fn jail_get
return a non-negative integer, termed the jail identifier (JID).
@@ -249,25 +184,6 @@ to indicate the error.
.Rv -std jail_attach jail_remove
.Sh ERRORS
The
-.Fn jail
-system call
-will fail if:
-.Bl -tag -width Er
-.It Bq Er EPERM
-This process is not allowed to create a jail, either because it is not
-the super-user, or because it would exceed the jail's
-.Va children.max
-limit.
-.It Bq Er EFAULT
-.Fa jail
-points to an address outside the allocated address space of the process.
-.It Bq Er EINVAL
-The version number of the argument is not correct.
-.It Bq Er EAGAIN
-No free JID could be found.
-.El
-.Pp
-The
.Fn jail_set
system call
will fail if:
@@ -371,8 +287,7 @@ does not exist.
.El
.Pp
Further
-.Fn jail ,
-.Fn jail_set ,
+.Fn jail_set
and
.Fn jail_attach
call
@@ -386,7 +301,7 @@ manual page for details.
.Xr chroot 2 ,
.Xr jail 8
.Sh HISTORY
-The
+The now-deprecated
.Fn jail
system call appeared in
.Fx 4.0 .
Modified: head/share/man/man9/VFS_SET.9
==============================================================================
--- head/share/man/man9/VFS_SET.9 Thu Aug 16 18:37:47 2018 (r337921)
+++ head/share/man/man9/VFS_SET.9 Thu Aug 16 18:40:16 2018 (r337922)
@@ -26,7 +26,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd February 21, 2013
+.Dd August 16, 2018
.Dt VFS_SET 9
.Os
.Sh NAME
@@ -72,9 +72,10 @@ Loopback file system layer.
File names are stored as Unicode.
.It Dv VFCF_JAIL
Can be mounted from within a jail if
-.Va security.jail.mount_allowed
-sysctl is set to
-.Dv 1 .
+.Va allow.mount
+and
+.Va allow.mount.<fsname>
+jail parameters are set.
.It Dv VFCF_DELEGADMIN
Supports delegated administration if
.Va vfs.usermount
Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
==============================================================================
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -5195,9 +5195,8 @@ zfs_freebsd_setattr(ap)
* Privileged non-jail processes may not modify system flags
* if securelevel > 0 and any existing system flags are set.
* Privileged jail processes behave like privileged non-jail
- * processes if the security.jail.chflags_allowed sysctl is
- * is non-zero; otherwise, they behave like unprivileged
- * processes.
+ * processes if the PR_ALLOW_CHFLAGS permission bit is set;
+ * otherwise, they behave like unprivileged processes.
*/
if (secpolicy_fs_owner(vp->v_mount, cred) == 0 ||
priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0) == 0) {
Modified: head/sys/compat/freebsd32/freebsd32_misc.c
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_misc.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/freebsd32_misc.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -2289,8 +2289,10 @@ freebsd32_sysctl(struct thread *td, struct freebsd32_s
return (0);
}
+#ifdef COMPAT_FREEBSD11
int
-freebsd32_jail(struct thread *td, struct freebsd32_jail_args *uap)
+freebsd11_freebsd32_jail(struct thread *td,
+ struct freebsd11_freebsd32_jail_args *uap)
{
uint32_t version;
int error;
@@ -2347,8 +2349,9 @@ freebsd32_jail(struct thread *td, struct freebsd32_jai
/* Sci-Fi jails are not supported, sorry. */
return (EINVAL);
}
- return (kern_jail(td, &j));
+ return (freebsd11_kern_jail(td, &j));
}
+#endif /* COMPAT_FREEBSD11 */
int
freebsd32_jail_set(struct thread *td, struct freebsd32_jail_set_args *uap)
Modified: head/sys/compat/freebsd32/freebsd32_proto.h
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_proto.h Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/freebsd32_proto.h Thu Aug 16 18:40:16 2018 (r337922)
@@ -283,9 +283,6 @@ struct freebsd32_sched_rr_get_interval_args {
char pid_l_[PADL_(pid_t)]; pid_t pid; char pid_r_[PADR_(pid_t)];
char interval_l_[PADL_(struct timespec32 *)]; struct timespec32 * interval; char interval_r_[PADR_(struct timespec32 *)];
};
-struct freebsd32_jail_args {
- char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)];
-};
struct freebsd32_sigtimedwait_args {
char set_l_[PADL_(const sigset_t *)]; const sigset_t * set; char set_r_[PADR_(const sigset_t *)];
char info_l_[PADL_(siginfo_t *)]; siginfo_t * info; char info_r_[PADR_(siginfo_t *)];
@@ -761,7 +758,6 @@ int freebsd32_aio_return(struct thread *, struct freeb
int freebsd32_aio_suspend(struct thread *, struct freebsd32_aio_suspend_args *);
int freebsd32_aio_error(struct thread *, struct freebsd32_aio_error_args *);
int freebsd32_sched_rr_get_interval(struct thread *, struct freebsd32_sched_rr_get_interval_args *);
-int freebsd32_jail(struct thread *, struct freebsd32_jail_args *);
int freebsd32_sigtimedwait(struct thread *, struct freebsd32_sigtimedwait_args *);
int freebsd32_sigwaitinfo(struct thread *, struct freebsd32_sigwaitinfo_args *);
int freebsd32_aio_waitcomplete(struct thread *, struct freebsd32_aio_waitcomplete_args *);
@@ -1184,6 +1180,9 @@ struct freebsd11_freebsd32_fhstat_args {
char u_fhp_l_[PADL_(const struct fhandle *)]; const struct fhandle * u_fhp; char u_fhp_r_[PADR_(const struct fhandle *)];
char sb_l_[PADL_(struct freebsd11_stat32 *)]; struct freebsd11_stat32 * sb; char sb_r_[PADR_(struct freebsd11_stat32 *)];
};
+struct freebsd11_freebsd32_jail_args {
+ char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)];
+};
struct freebsd11_freebsd32_kevent_args {
char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)];
char changelist_l_[PADL_(const struct kevent32_freebsd11 *)]; const struct kevent32_freebsd11 * changelist; char changelist_r_[PADR_(const struct kevent32_freebsd11 *)];
@@ -1223,6 +1222,7 @@ int freebsd11_freebsd32_lstat(struct thread *, struct
int freebsd11_freebsd32_getdirentries(struct thread *, struct freebsd11_freebsd32_getdirentries_args *);
int freebsd11_freebsd32_getdents(struct thread *, struct freebsd11_freebsd32_getdents_args *);
int freebsd11_freebsd32_fhstat(struct thread *, struct freebsd11_freebsd32_fhstat_args *);
+int freebsd11_freebsd32_jail(struct thread *, struct freebsd11_freebsd32_jail_args *);
int freebsd11_freebsd32_kevent(struct thread *, struct freebsd11_freebsd32_kevent_args *);
int freebsd11_freebsd32_fstatat(struct thread *, struct freebsd11_freebsd32_fstatat_args *);
int freebsd11_freebsd32_mknodat(struct thread *, struct freebsd11_freebsd32_mknodat_args *);
@@ -1317,7 +1317,7 @@ int freebsd11_freebsd32_mknodat(struct thread *, struc
#define FREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_LIO_LISTIO
#define FREEBSD32_SYS_AUE_freebsd32_sched_rr_get_interval AUE_NULL
#define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile AUE_SENDFILE
-#define FREEBSD32_SYS_AUE_freebsd32_jail AUE_JAIL
+#define FREEBSD32_SYS_AUE_freebsd11_freebsd32_jail AUE_JAIL
#define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction AUE_SIGACTION
#define FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn AUE_SIGRETURN
#define FREEBSD32_SYS_AUE_freebsd32_sigtimedwait AUE_SIGWAIT
Modified: head/sys/compat/freebsd32/freebsd32_syscall.h
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_syscall.h Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/freebsd32_syscall.h Thu Aug 16 18:40:16 2018 (r337922)
@@ -275,7 +275,7 @@
#define FREEBSD32_SYS_utrace 335
/* 336 is freebsd4 freebsd32_sendfile */
#define FREEBSD32_SYS_kldsym 337
-#define FREEBSD32_SYS_freebsd32_jail 338
+#define FREEBSD32_SYS_freebsd11_freebsd32_jail 338
#define FREEBSD32_SYS_sigprocmask 340
#define FREEBSD32_SYS_sigsuspend 341
/* 342 is freebsd4 freebsd32_sigaction */
Modified: head/sys/compat/freebsd32/freebsd32_syscalls.c
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_syscalls.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/freebsd32_syscalls.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -347,7 +347,7 @@ const char *freebsd32_syscallnames[] = {
"utrace", /* 335 = utrace */
"compat4.freebsd32_sendfile", /* 336 = freebsd4 freebsd32_sendfile */
"kldsym", /* 337 = kldsym */
- "freebsd32_jail", /* 338 = freebsd32_jail */
+ "compat11.freebsd32_jail", /* 338 = freebsd11 freebsd32_jail */
"#339", /* 339 = pioctl */
"sigprocmask", /* 340 = sigprocmask */
"sigsuspend", /* 341 = sigsuspend */
Modified: head/sys/compat/freebsd32/freebsd32_sysent.c
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_sysent.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/freebsd32_sysent.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -394,7 +394,7 @@ struct sysent freebsd32_sysent[] = {
{ AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 335 = utrace */
{ compat4(AS(freebsd4_freebsd32_sendfile_args),freebsd32_sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 336 = freebsd4 freebsd32_sendfile */
{ AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 337 = kldsym */
- { AS(freebsd32_jail_args), (sy_call_t *)freebsd32_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd32_jail */
+ { compat11(AS(freebsd11_freebsd32_jail_args),freebsd32_jail), AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd11 freebsd32_jail */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 339 = pioctl */
{ AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 340 = sigprocmask */
{ AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 341 = sigsuspend */
Modified: head/sys/compat/freebsd32/freebsd32_systrace_args.c
==============================================================================
--- head/sys/compat/freebsd32/freebsd32_systrace_args.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/freebsd32_systrace_args.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -1559,13 +1559,6 @@ systrace_args(int sysnum, void *params, uint64_t *uarg
*n_args = 3;
break;
}
- /* freebsd32_jail */
- case 338: {
- struct freebsd32_jail_args *p = params;
- uarg[0] = (intptr_t) p->jail; /* struct jail32 * */
- *n_args = 1;
- break;
- }
/* sigprocmask */
case 340: {
struct sigprocmask_args *p = params;
@@ -5711,16 +5704,6 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *d
break;
};
break;
- /* freebsd32_jail */
- case 338:
- switch(ndx) {
- case 0:
- p = "userland struct jail32 *";
- break;
- default:
- break;
- };
- break;
/* sigprocmask */
case 340:
switch(ndx) {
@@ -9670,11 +9653,6 @@ systrace_return_setargdesc(int sysnum, int ndx, char *
break;
/* kldsym */
case 337:
- if (ndx == 0 || ndx == 1)
- p = "int";
- break;
- /* freebsd32_jail */
- case 338:
if (ndx == 0 || ndx == 1)
p = "int";
break;
Modified: head/sys/compat/freebsd32/syscalls.master
==============================================================================
--- head/sys/compat/freebsd32/syscalls.master Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/compat/freebsd32/syscalls.master Thu Aug 16 18:40:16 2018 (r337922)
@@ -601,7 +601,7 @@
off_t *sbytes, int flags); }
337 AUE_NULL NOPROTO { int kldsym(int fileid, int cmd, \
void *data); }
-338 AUE_JAIL STD { int freebsd32_jail(struct jail32 *jail); }
+338 AUE_JAIL COMPAT11 { int freebsd32_jail(struct jail32 *jail); }
339 AUE_NULL UNIMPL pioctl
340 AUE_SIGPROCMASK NOPROTO { int sigprocmask(int how, \
const sigset_t *set, sigset_t *oset); }
Modified: head/sys/fs/nandfs/nandfs_vnops.c
==============================================================================
--- head/sys/fs/nandfs/nandfs_vnops.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/fs/nandfs/nandfs_vnops.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -834,9 +834,8 @@ nandfs_setattr(struct vop_setattr_args *ap)
* Privileged non-jail processes may not modify system flags
* if securelevel > 0 and any existing system flags are set.
* Privileged jail processes behave like privileged non-jail
- * processes if the security.jail.chflags_allowed sysctl is
- * is non-zero; otherwise, they behave like unprivileged
- * processes.
+ * processes if the PR_ALLOW_CHFLAGS permission bit is set;
+ * otherwise, they behave like unprivileged processes.
*/
flags = inode->i_flags;
Modified: head/sys/kern/init_sysent.c
==============================================================================
--- head/sys/kern/init_sysent.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/kern/init_sysent.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -387,7 +387,7 @@ struct sysent sysent[] = {
{ AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 335 = utrace */
{ compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 336 = freebsd4 sendfile */
{ AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 337 = kldsym */
- { AS(jail_args), (sy_call_t *)sys_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = jail */
+ { compat11(AS(freebsd11_jail_args),jail), AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 338 = freebsd11 jail */
{ AS(nnpfs_syscall_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT }, /* 339 = nnpfs_syscall */
{ AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 340 = sigprocmask */
{ AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 341 = sigsuspend */
Modified: head/sys/kern/kern_jail.c
==============================================================================
--- head/sys/kern/kern_jail.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/kern/kern_jail.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -74,6 +74,14 @@ __FBSDID("$FreeBSD$");
#include <security/mac/mac_framework.h>
+/*
+ * The old jail(2) interface will exist under COMPAT_FREEBSD11, but the global
+ * permission sysctls are slated to go away sometime (even with COMPAT).
+ */
+#if defined(COMPAT_FREEBSD11) && !defined(BURN_BRIDGES)
+#define PR_GLOBAL_ALLOW
+#endif
+
#define DEFAULT_HOSTUUID "00000000-0000-0000-0000-000000000000"
MALLOC_DEFINE(M_PRISON, "prison", "Prison structures");
@@ -199,9 +207,11 @@ const size_t pr_flag_allow_size = sizeof(pr_flag_allow
#define JAIL_DEFAULT_ALLOW (PR_ALLOW_SET_HOSTNAME | PR_ALLOW_RESERVED_PORTS)
#define JAIL_DEFAULT_ENFORCE_STATFS 2
#define JAIL_DEFAULT_DEVFS_RSNUM 0
+#ifdef PR_GLOBAL_ALLOW
static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW;
static int jail_default_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS;
static int jail_default_devfs_rsnum = JAIL_DEFAULT_DEVFS_RSNUM;
+#endif
#if defined(INET) || defined(INET6)
static unsigned jail_max_af_ips = 255;
#endif
@@ -219,13 +229,14 @@ prison0_init(void)
strlcpy(prison0.pr_osrelease, osrelease, sizeof(prison0.pr_osrelease));
}
+#ifdef COMPAT_FREEBSD11
/*
* struct jail_args {
* struct jail *jail;
* };
*/
int
-sys_jail(struct thread *td, struct jail_args *uap)
+freebsd11_jail(struct thread *td, struct freebsd11_jail_args *uap)
{
uint32_t version;
int error;
@@ -270,13 +281,16 @@ sys_jail(struct thread *td, struct jail_args *uap)
/* Sci-Fi jails are not supported, sorry. */
return (EINVAL);
}
- return (kern_jail(td, &j));
+ return (freebsd11_kern_jail(td, &j));
}
int
-kern_jail(struct thread *td, struct jail *j)
+freebsd11_kern_jail(struct thread *td, struct jail *j)
{
- struct iovec optiov[2 * (4 + nitems(pr_flag_allow)
+ struct iovec optiov[2 * (3
+#ifdef PR_GLOBAL_ALLOW
+ + 1 + nitems(pr_flag_allow)
+#endif
#ifdef INET
+ 1
#endif
@@ -286,7 +300,10 @@ kern_jail(struct thread *td, struct jail *j)
)];
struct uio opt;
char *u_path, *u_hostname, *u_name;
+#ifdef PR_GLOBAL_ALLOW
struct bool_flags *bf;
+ int enforce_statfs;
+#endif
#ifdef INET
uint32_t ip4s;
struct in_addr *u_ip4;
@@ -295,7 +312,7 @@ kern_jail(struct thread *td, struct jail *j)
struct in6_addr *u_ip6;
#endif
size_t tmplen;
- int error, enforce_statfs;
+ int error;
bzero(&optiov, sizeof(optiov));
opt.uio_iov = optiov;
@@ -306,6 +323,7 @@ kern_jail(struct thread *td, struct jail *j)
opt.uio_rw = UIO_READ;
opt.uio_td = td;
+#ifdef PR_GLOBAL_ALLOW
/* Set permissions for top-level jails from sysctls. */
if (!jailed(td->td_ucred)) {
for (bf = pr_flag_allow;
@@ -327,6 +345,7 @@ kern_jail(struct thread *td, struct jail *j)
optiov[opt.uio_iovcnt].iov_len = sizeof(enforce_statfs);
opt.uio_iovcnt++;
}
+#endif
tmplen = MAXPATHLEN + MAXHOSTNAMELEN + MAXHOSTNAMELEN;
#ifdef INET
@@ -430,6 +449,7 @@ kern_jail(struct thread *td, struct jail *j)
free(u_path, M_TEMP);
return (error);
}
+#endif /* COMPAT_FREEBSD11 */
/*
@@ -1247,7 +1267,11 @@ kern_jail_set(struct thread *td, struct uio *optuio, i
pr->pr_securelevel = ppr->pr_securelevel;
pr->pr_allow = JAIL_DEFAULT_ALLOW & ppr->pr_allow;
+#ifdef PR_GLOBAL_ALLOW
pr->pr_enforce_statfs = jail_default_enforce_statfs;
+#else
+ pr->pr_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS;
+#endif
pr->pr_devfs_rsnum = ppr->pr_devfs_rsnum;
pr->pr_osreldate = osreldt ? osreldt : ppr->pr_osreldate;
@@ -3415,6 +3439,7 @@ prison_path(struct prison *pr1, struct prison *pr2)
static SYSCTL_NODE(_security, OID_AUTO, jail, CTLFLAG_RW, 0,
"Jails");
+#ifdef COMPAT_FREEBSD11
static int
sysctl_jail_list(SYSCTL_HANDLER_ARGS)
{
@@ -3518,6 +3543,7 @@ sysctl_jail_list(SYSCTL_HANDLER_ARGS)
SYSCTL_OID(_security_jail, OID_AUTO, list,
CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
sysctl_jail_list, "S", "List of active jails");
+#endif /* COMPAT_FREEBSD11 */
static int
sysctl_jail_jailed(SYSCTL_HANDLER_ARGS)
@@ -3557,13 +3583,14 @@ SYSCTL_PROC(_security_jail, OID_AUTO, vnet,
#if defined(INET) || defined(INET6)
SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW,
&jail_max_af_ips, 0,
- "Number of IP addresses a jail may have at most per address family (deprecated)");
+ "Number of IP addresses a jail may have at most per address family");
#endif
/*
- * Default parameters for jail(2) compatibility. For historical reasons,
- * the sysctl names have varying similarity to the parameter names. Prisons
- * just see their own parameters, and can't change them.
+ * Jail permissions - jailed processes can read these to find out what they are
+ * allowed to do. A deprecated use is to set default permissions for prisons
+ * created via jail(2). For historical reasons, the sysctl names have varying
+ * similarity to the parameter names.
*/
static int
sysctl_jail_default_allow(SYSCTL_HANDLER_ARGS)
@@ -3572,52 +3599,68 @@ sysctl_jail_default_allow(SYSCTL_HANDLER_ARGS)
int allow, error, i;
pr = req->td->td_ucred->cr_prison;
+#ifdef PR_GLOBAL_ALLOW
allow = (pr == &prison0) ? jail_default_allow : pr->pr_allow;
+#else
+ allow = pr->pr_allow;
+#endif
/* Get the current flag value, and convert it to a boolean. */
i = (allow & arg2) ? 1 : 0;
if (arg1 != NULL)
i = !i;
error = sysctl_handle_int(oidp, &i, 0, req);
- if (error || !req->newptr)
+ if (error)
return (error);
- i = i ? arg2 : 0;
- if (arg1 != NULL)
- i ^= arg2;
- /*
- * The sysctls don't have CTLFLAGS_PRISON, so assume prison0
- * for writing.
- */
- mtx_lock(&prison0.pr_mtx);
- jail_default_allow = (jail_default_allow & ~arg2) | i;
- mtx_unlock(&prison0.pr_mtx);
+#ifdef PR_GLOBAL_ALLOW
+ if (req->newptr) {
+ i = i ? arg2 : 0;
+ if (arg1 != NULL)
+ i ^= arg2;
+ /*
+ * The sysctls don't have CTLFLAGS_PRISON, so assume prison0
+ * for writing.
+ */
+ mtx_lock(&prison0.pr_mtx);
+ jail_default_allow = (jail_default_allow & ~arg2) | i;
+ mtx_unlock(&prison0.pr_mtx);
+ }
+#endif
return (0);
}
+#ifdef PR_GLOBAL_ALLOW
+#define CTLFLAG_GLOBAL_ALLOW (CTLFLAG_RW | CTLFLAG_MPSAFE)
+#define ADDR_GLOBAL_ALLOW(i) &i
+#else
+#define CTLFLAG_GLOBAL_ALLOW (CTLFLAG_RD | CTLFLAG_MPSAFE)
+#define ADDR_GLOBAL_ALLOW(i) NULL
+#endif
+
SYSCTL_PROC(_security_jail, OID_AUTO, set_hostname_allowed,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
NULL, PR_ALLOW_SET_HOSTNAME, sysctl_jail_default_allow, "I",
- "Processes in jail can set their hostnames (deprecated)");
+ "Processes in jail can set their hostnames");
SYSCTL_PROC(_security_jail, OID_AUTO, socket_unixiproute_only,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
(void *)1, PR_ALLOW_SOCKET_AF, sysctl_jail_default_allow, "I",
- "Processes in jail are limited to creating UNIX/IP/route sockets only (deprecated)");
+ "Processes in jail are limited to creating UNIX/IP/route sockets only");
SYSCTL_PROC(_security_jail, OID_AUTO, sysvipc_allowed,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
NULL, PR_ALLOW_SYSVIPC, sysctl_jail_default_allow, "I",
- "Processes in jail can use System V IPC primitives (deprecated)");
+ "Processes in jail can use System V IPC primitives");
SYSCTL_PROC(_security_jail, OID_AUTO, allow_raw_sockets,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
NULL, PR_ALLOW_RAW_SOCKETS, sysctl_jail_default_allow, "I",
- "Prison root can create raw sockets (deprecated)");
+ "Prison root can create raw sockets");
SYSCTL_PROC(_security_jail, OID_AUTO, chflags_allowed,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
NULL, PR_ALLOW_CHFLAGS, sysctl_jail_default_allow, "I",
- "Processes in jail can alter system file flags (deprecated)");
+ "Processes in jail can alter system file flags");
SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I",
- "Processes in jail can mount/unmount jail-friendly file systems (deprecated)");
+ "Processes in jail can mount/unmount jail-friendly file systems");
static int
sysctl_jail_default_level(SYSCTL_HANDLER_ARGS)
@@ -3626,25 +3669,33 @@ sysctl_jail_default_level(SYSCTL_HANDLER_ARGS)
int level, error;
pr = req->td->td_ucred->cr_prison;
+#ifdef PR_GLOBAL_ALLOW
level = (pr == &prison0) ? *(int *)arg1 : *(int *)((char *)pr + arg2);
+#else
+ level = *(int *)((char *)pr + arg2);
+#endif
error = sysctl_handle_int(oidp, &level, 0, req);
- if (error || !req->newptr)
+ if (error)
return (error);
- *(int *)arg1 = level;
+#ifdef PR_GLOBAL_ALLOW
+ if (req->newptr)
+ *(int *)arg1 = level;
+#endif
return (0);
}
SYSCTL_PROC(_security_jail, OID_AUTO, enforce_statfs,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
- &jail_default_enforce_statfs, offsetof(struct prison, pr_enforce_statfs),
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
+ ADDR_GLOBAL_ALLOW(jail_default_enforce_statfs),
+ offsetof(struct prison, pr_enforce_statfs),
sysctl_jail_default_level, "I",
- "Processes in jail cannot see all mounted file systems (deprecated)");
-
+ "Processes in jail cannot see all mounted file systems");
SYSCTL_PROC(_security_jail, OID_AUTO, devfs_ruleset,
- CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE,
- &jail_default_devfs_rsnum, offsetof(struct prison, pr_devfs_rsnum),
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW,
+ ADDR_GLOBAL_ALLOW(jail_default_devfs_rsnum),
+ offsetof(struct prison, pr_devfs_rsnum),
sysctl_jail_default_level, "I",
- "Ruleset for the devfs filesystem in jail (deprecated)");
+ "Ruleset for the devfs filesystem in jail");
/*
* Nodes to describe jail parameters. Maximum length of string parameters
@@ -3785,9 +3836,6 @@ prison_add_allow(const char *prefix, const char *name,
struct bool_flags *bf;
struct sysctl_oid *parent;
char *allow_name, *allow_noname, *allowed;
-#ifndef NO_SYSCTL_DESCR
- char *descr_deprecated;
-#endif
unsigned allow_flag;
if (prefix
@@ -3844,10 +3892,7 @@ prison_add_allow(const char *prefix, const char *name,
bf->flag = allow_flag;
mtx_unlock(&prison0.pr_mtx);
- /*
- * Create sysctls for the paramter, and the back-compat global
- * permission.
- */
+ /* Create sysctls for the paramter, and the current permission. */
parent = prefix
? SYSCTL_ADD_NODE(NULL,
SYSCTL_CHILDREN(&sysctl___security_jail_param_allow),
@@ -3859,17 +3904,10 @@ prison_add_allow(const char *prefix, const char *name,
if ((prefix
? asprintf(&allowed, M_TEMP, "%s_%s_allowed", prefix, name)
: asprintf(&allowed, M_TEMP, "%s_allowed", name)) >= 0) {
-#ifndef NO_SYSCTL_DESCR
- (void)asprintf(&descr_deprecated, M_TEMP, "%s (deprecated)",
- descr);
-#endif
(void)SYSCTL_ADD_PROC(NULL,
SYSCTL_CHILDREN(&sysctl___security_jail), OID_AUTO, allowed,
- CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, allow_flag,
- sysctl_jail_default_allow, "I", descr_deprecated);
-#ifndef NO_SYSCTL_DESCR
- free(descr_deprecated, M_TEMP);
-#endif
+ CTLTYPE_INT | CTLFLAG_GLOBAL_ALLOW, NULL, allow_flag,
+ sysctl_jail_default_allow, "I", descr);
free(allowed, M_TEMP);
}
return allow_flag;
Modified: head/sys/kern/syscalls.c
==============================================================================
--- head/sys/kern/syscalls.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/kern/syscalls.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -344,7 +344,7 @@ const char *syscallnames[] = {
"utrace", /* 335 = utrace */
"compat4.sendfile", /* 336 = freebsd4 sendfile */
"kldsym", /* 337 = kldsym */
- "jail", /* 338 = jail */
+ "compat11.jail", /* 338 = freebsd11 jail */
"nnpfs_syscall", /* 339 = nnpfs_syscall */
"sigprocmask", /* 340 = sigprocmask */
"sigsuspend", /* 341 = sigsuspend */
Modified: head/sys/kern/syscalls.master
==============================================================================
--- head/sys/kern/syscalls.master Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/kern/syscalls.master Thu Aug 16 18:40:16 2018 (r337922)
@@ -738,7 +738,7 @@
_Out_opt_ off_t *sbytes, int flags); }
337 AUE_NULL STD { int kldsym(int fileid, int cmd, \
_In_ void *data); }
-338 AUE_JAIL STD { int jail( \
+338 AUE_JAIL COMPAT11 { int jail( \
_In_ struct jail *jail); }
339 AUE_NULL NOSTD|NOTSTATIC { int nnpfs_syscall(int operation, \
Modified: head/sys/kern/systrace_args.c
==============================================================================
--- head/sys/kern/systrace_args.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/kern/systrace_args.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -1593,13 +1593,6 @@ systrace_args(int sysnum, void *params, uint64_t *uarg
*n_args = 3;
break;
}
- /* jail */
- case 338: {
- struct jail_args *p = params;
- uarg[0] = (intptr_t) p->jail; /* struct jail * */
- *n_args = 1;
- break;
- }
/* nnpfs_syscall */
case 339: {
struct nnpfs_syscall_args *p = params;
@@ -5772,16 +5765,6 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *d
break;
};
break;
- /* jail */
- case 338:
- switch(ndx) {
- case 0:
- p = "userland struct jail *";
- break;
- default:
- break;
- };
- break;
/* nnpfs_syscall */
case 339:
switch(ndx) {
@@ -9644,11 +9627,6 @@ systrace_return_setargdesc(int sysnum, int ndx, char *
break;
/* kldsym */
case 337:
- if (ndx == 0 || ndx == 1)
- p = "int";
- break;
- /* jail */
- case 338:
if (ndx == 0 || ndx == 1)
p = "int";
break;
Modified: head/sys/sys/jail.h
==============================================================================
--- head/sys/sys/jail.h Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/sys/jail.h Thu Aug 16 18:40:16 2018 (r337922)
@@ -32,6 +32,7 @@
#ifndef _SYS_JAIL_H_
#define _SYS_JAIL_H_
+#ifdef COMPAT_FREEBSD11
#ifdef _KERNEL
struct jail_v0 {
u_int32_t version;
@@ -57,16 +58,6 @@ struct jail {
* For all xprison structs, always keep the pr_version an int and
* the first variable so userspace can easily distinguish them.
*/
-#ifndef _KERNEL
-struct xprison_v1 {
- int pr_version;
- int pr_id;
- char pr_path[MAXPATHLEN];
- char pr_host[MAXHOSTNAMELEN];
- u_int32_t pr_ip;
-};
-#endif
-
struct xprison {
int pr_version;
int pr_id;
@@ -91,6 +82,7 @@ struct xprison {
#define PRISON_STATE_INVALID 0
#define PRISON_STATE_ALIVE 1
#define PRISON_STATE_DYING 2
+#endif /* COMPAT_FREEBSD11 */
/*
* Flags for jail_set and jail_get.
@@ -110,7 +102,6 @@ struct xprison {
struct iovec;
-int jail(struct jail *);
int jail_set(struct iovec *, unsigned int, int);
int jail_get(struct iovec *, unsigned int, int);
int jail_attach(int);
Modified: head/sys/sys/syscall.h
==============================================================================
--- head/sys/sys/syscall.h Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/sys/syscall.h Thu Aug 16 18:40:16 2018 (r337922)
@@ -280,7 +280,7 @@
#define SYS_utrace 335
/* 336 is freebsd4 sendfile */
#define SYS_kldsym 337
-#define SYS_jail 338
+#define SYS_freebsd11_jail 338
#define SYS_nnpfs_syscall 339
#define SYS_sigprocmask 340
#define SYS_sigsuspend 341
Modified: head/sys/sys/syscall.mk
==============================================================================
--- head/sys/sys/syscall.mk Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/sys/syscall.mk Thu Aug 16 18:40:16 2018 (r337922)
@@ -209,7 +209,7 @@ MIASM = \
sched_rr_get_interval.o \
utrace.o \
kldsym.o \
- jail.o \
+ freebsd11_jail.o \
nnpfs_syscall.o \
sigprocmask.o \
sigsuspend.o \
Modified: head/sys/sys/syscallsubr.h
==============================================================================
--- head/sys/sys/syscallsubr.h Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/sys/syscallsubr.h Thu Aug 16 18:40:16 2018 (r337922)
@@ -143,7 +143,6 @@ int kern_getsockname(struct thread *td, int fd, struct
int kern_getsockopt(struct thread *td, int s, int level, int name,
void *optval, enum uio_seg valseg, socklen_t *valsize);
int kern_ioctl(struct thread *td, int fd, u_long com, caddr_t data);
-int kern_jail(struct thread *td, struct jail *j);
int kern_jail_get(struct thread *td, struct uio *options, int flags);
int kern_jail_set(struct thread *td, struct uio *options, int flags);
int kern_kevent(struct thread *td, int fd, int nchanges, int nevents,
@@ -308,5 +307,6 @@ struct freebsd11_dirent;
int freebsd11_kern_getdirentries(struct thread *td, int fd, char *ubuf, u_int
count, long *basep, void (*func)(struct freebsd11_dirent *));
+int freebsd11_kern_jail(struct thread *td, struct jail *j);
#endif /* !_SYS_SYSCALLSUBR_H_ */
Modified: head/sys/sys/sysproto.h
==============================================================================
--- head/sys/sys/sysproto.h Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/sys/sysproto.h Thu Aug 16 18:40:16 2018 (r337922)
@@ -849,9 +849,6 @@ struct kldsym_args {
char cmd_l_[PADL_(int)]; int cmd; char cmd_r_[PADR_(int)];
char data_l_[PADL_(void *)]; void * data; char data_r_[PADR_(void *)];
};
-struct jail_args {
- char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)];
-};
struct nnpfs_syscall_args {
char operation_l_[PADL_(int)]; int operation; char operation_r_[PADR_(int)];
char a_pathP_l_[PADL_(char *)]; char * a_pathP; char a_pathP_r_[PADR_(char *)];
@@ -1961,7 +1958,6 @@ int sys_sched_get_priority_min(struct thread *, struct
int sys_sched_rr_get_interval(struct thread *, struct sched_rr_get_interval_args *);
int sys_utrace(struct thread *, struct utrace_args *);
int sys_kldsym(struct thread *, struct kldsym_args *);
-int sys_jail(struct thread *, struct jail_args *);
int sys_nnpfs_syscall(struct thread *, struct nnpfs_syscall_args *);
int sys_sigprocmask(struct thread *, struct sigprocmask_args *);
int sys_sigsuspend(struct thread *, struct sigsuspend_args *);
@@ -2531,6 +2527,9 @@ struct freebsd11_fhstat_args {
char u_fhp_l_[PADL_(const struct fhandle *)]; const struct fhandle * u_fhp; char u_fhp_r_[PADR_(const struct fhandle *)];
char sb_l_[PADL_(struct freebsd11_stat *)]; struct freebsd11_stat * sb; char sb_r_[PADR_(struct freebsd11_stat *)];
};
+struct freebsd11_jail_args {
+ char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)];
+};
struct freebsd11_kevent_args {
char fd_l_[PADL_(int)]; int fd; char fd_r_[PADR_(int)];
char changelist_l_[PADL_(struct kevent_freebsd11 *)]; struct kevent_freebsd11 * changelist; char changelist_r_[PADR_(struct kevent_freebsd11 *)];
@@ -2579,6 +2578,7 @@ int freebsd11_nstat(struct thread *, struct freebsd11_
int freebsd11_nfstat(struct thread *, struct freebsd11_nfstat_args *);
int freebsd11_nlstat(struct thread *, struct freebsd11_nlstat_args *);
int freebsd11_fhstat(struct thread *, struct freebsd11_fhstat_args *);
+int freebsd11_jail(struct thread *, struct freebsd11_jail_args *);
int freebsd11_kevent(struct thread *, struct freebsd11_kevent_args *);
int freebsd11_getfsstat(struct thread *, struct freebsd11_getfsstat_args *);
int freebsd11_statfs(struct thread *, struct freebsd11_statfs_args *);
@@ -2849,7 +2849,7 @@ int freebsd11_mknodat(struct thread *, struct freebsd1
#define SYS_AUE_utrace AUE_NULL
#define SYS_AUE_freebsd4_sendfile AUE_SENDFILE
#define SYS_AUE_kldsym AUE_NULL
-#define SYS_AUE_jail AUE_JAIL
+#define SYS_AUE_freebsd11_jail AUE_JAIL
#define SYS_AUE_nnpfs_syscall AUE_NULL
#define SYS_AUE_sigprocmask AUE_SIGPROCMASK
#define SYS_AUE_sigsuspend AUE_SIGSUSPEND
Modified: head/sys/ufs/ufs/ufs_vnops.c
==============================================================================
--- head/sys/ufs/ufs/ufs_vnops.c Thu Aug 16 18:37:47 2018 (r337921)
+++ head/sys/ufs/ufs/ufs_vnops.c Thu Aug 16 18:40:16 2018 (r337922)
@@ -550,9 +550,8 @@ ufs_setattr(ap)
* Privileged non-jail processes may not modify system flags
* if securelevel > 0 and any existing system flags are set.
* Privileged jail processes behave like privileged non-jail
- * processes if the security.jail.chflags_allowed sysctl is
- * is non-zero; otherwise, they behave like unprivileged
- * processes.
+ * processes if the PR_ALLOW_CHFLAGS permission bit is set;
+ * otherwise, they behave like unprivileged processes.
*/
if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) {
if (ip->i_flags &
More information about the svn-src-head
mailing list