
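--- a/contrib/openbsm/bin/auditdistd/sandbox.c
+++ b/contrib/openbsm/bin/auditdistd/sandbox.c
@@ -38,6 +38,9 @@
 #endif
 
 #include <errno.h>
+#ifdef HAVE_JAIL
+#include <jail.h>
+#endif
 #include <pwd.h>
 #include <stdarg.h>
 #include <stdbool.h>
@@ -63,7 +66,6 @@
 sandbox(const char *user, bool capsicum, const char *fmt, ...)
 {
 #ifdef HAVE_JAIL
-	struct jail jailst;
 	char *jailhost;
 	va_list ap;
 #endif
@@ -132,11 +134,8 @@
 		pjdlog_error("Unable to allocate memory for jail host name.");
 		goto out;
 	}
-	bzero(&jailst, sizeof(jailst));
-	jailst.version = JAIL_API_VERSION;
-	jailst.path = pw->pw_dir;
-	jailst.hostname = jailhost;
-	if (jail(&jailst) >= 0) {
+	if (jail_setv(JAIL_CREATE | JAIL_ATTACH, "path", pw->pw_dir,
+	    "host.hostname", jailhost, NULL) >= 0) {
 		jailed = true;
 	} else {
 		jailed = false;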
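Review bot: When `jail_setv()` fails in sandbox(), libjail leaves a description of the rejected parameter in `jail_errmsg`, and nothing in this hunk hands that text to the log before `jailed = false` selects the non-jailed path. The else branch continues outside the hunk, so if it still reports only errno, a line such as `pjdlog_warning("jail_setv: %s", jail_errmsg);` would tell an operator why the process was not jailed. drop_privs() in sbin/hastd/subr.c makes the same call and would benefit from the same line.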
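--- a/contrib/pjdfstest/tests/chflags/09.t
+++ b/contrib/pjdfstest/tests/chflags/09.t
@@ -15,9 +15,6 @@
 n1=`namegen`
 n2=`namegen`
 
-old=`sysctl -n security.jail.chflags_allowed`
-sysctl security.jail.chflags_allowed=1 >/dev/null
-
 expect 0 mkdir ${n0} 0755
 cdir=`pwd`
 cd ${n0}
@@ -62,6 +59,5 @@
 	fi
 done
 
-sysctl security.jail.chflags_allowed=${old} >/dev/null
 cd ${cdir}
 expect 0 rmdir ${n0}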
(-)etc/rc.d/hostname (-8 / +1 lines)
Lines 40-53 Link Here
40
40
41
hostname_start()
41
hostname_start()
42
{
42
{
43
	# If we are not inside a jail, set the host name.
43
	if [ `$SYSCTL_N security.jail.jailed` -eq 0 ]; then
44
	# If we are inside a jail, set the host name if it is permitted.
45
	#
46
	if [ `$SYSCTL_N security.jail.jailed` -eq 1 ]; then
47
		if [ `$SYSCTL_N security.jail.set_hostname_allowed` -eq 0 ]; then
48
			return
49
		fi
50
	else
51
		# If we're not in a jail and rc.conf doesn't specify a
44
		# If we're not in a jail and rc.conf doesn't specify a
52
		# hostname, see if we can get one from kenv.
45
		# hostname, see if we can get one from kenv.
53
		#
46
		#
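Review bot: Inside a jail hostname_start() now falls through to whatever follows this block, because the `security.jail.set_hostname_allowed` test and its early `return` are gone and the new `-eq 0` condition only guards the kenv lookup. The rest of the function is outside the hunk, but if it still sets the host name unconditionally, a jail created without `allow.set_hostname` will see a refused attempt and an error on every start instead of a quiet skip. A comment such as `# In a jail the kernel enforces allow.set_hostname; a refused attempt is expected there.`, or quieting that failure, would make the intent clear. zfs_start_jail() and zfs_stop_jail() in etc/rc.d/zfs drop their `security.jail.mount_allowed` guard in the same way.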
(-)etc/rc.d/zfs (-6 / +2 lines)
Lines 18-26 Link Here
18
18
19
zfs_start_jail()
19
zfs_start_jail()
20
{
20
{
21
	if [ `$SYSCTL_N security.jail.mount_allowed` -eq 1 ]; then
21
	zfs mount -a
22
		zfs mount -a
23
	fi
24
}
22
}
25
23
26
zfs_start_main()
24
zfs_start_main()
Lines 43-51 Link Here
43
41
44
zfs_stop_jail()
42
zfs_stop_jail()
45
{
43
{
46
	if [ `$SYSCTL_N security.jail.mount_allowed` -eq 1 ]; then
44
	zfs unmount -a
47
		zfs unmount -a
48
	fi
49
}
45
}
50
46
51
zfs_stop_main()
47
zfs_stop_main()
(-)lib/libc/gen/getvfsbyname.3 (-4 / +5 lines)
Lines 28-34 Link Here
28
.\"     @(#)kvm_getvfsbyname.3	8.3 (Berkeley) 5/4/95
28
.\"     @(#)kvm_getvfsbyname.3	8.3 (Berkeley) 5/4/95
29
.\" $FreeBSD$
29
.\" $FreeBSD$
30
.\"
30
.\"
31
.Dd August 30, 2016
31
.Dd March 21, 2018
32
.Dt GETVFSBYNAME 3
32
.Dt GETVFSBYNAME 3
33
.Os
33
.Os
34
.Sh NAME
34
.Sh NAME
Lines 83-91 Link Here
83
stores file names as Unicode
83
stores file names as Unicode
84
.It Dv VFCF_JAIL
84
.It Dv VFCF_JAIL
85
can be mounted from within a jail if
85
can be mounted from within a jail if
86
.Va security.jail.mount_allowed
86
.Va allow.mount
87
sysctl is set to
87
and
88
.Dv 1
88
.Va allow.mount.<vfc_name>
89
jail parameters are set
89
.It Dv VFCF_DELEGADMIN
90
.It Dv VFCF_DELEGADMIN
90
supports delegated administration if
91
supports delegated administration if
91
.Va vfs.usermount
92
.Va vfs.usermount
(-)lib/libc/sys/jail.2 (-99 / +15 lines)
Lines 25-31 Link Here
25
.\"
25
.\"
26
.\" $FreeBSD$
26
.\" $FreeBSD$
27
.\"
27
.\"
28
.Dd February 8, 2012
28
.Dd March 21, 2018
29
.Dt JAIL 2
29
.Dt JAIL 2
30
.Os
30
.Os
31
.Sh NAME
31
.Sh NAME
Lines 41-48 Link Here
41
.In sys/param.h
41
.In sys/param.h
42
.In sys/jail.h
42
.In sys/jail.h
43
.Ft int
43
.Ft int
44
.Fn jail "struct jail *jail"
45
.Ft int
46
.Fn jail_attach "int jid"
44
.Fn jail_attach "int jid"
47
.Ft int
45
.Ft int
48
.Fn jail_remove "int jid"
46
.Fn jail_remove "int jid"
Lines 53-126 Link Here
53
.Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
51
.Fn jail_set "struct iovec *iov" "u_int niov" "int flags"
54
.Sh DESCRIPTION
52
.Sh DESCRIPTION
55
The
53
The
56
.Fn jail
57
system call sets up a jail and locks the current process in it.
58
.Pp
59
The argument is a pointer to a structure describing the prison:
60
.Bd -literal -offset indent
61
struct jail {
62
	uint32_t	version;
63
	char		*path;
64
	char		*hostname;
65
	char		*jailname;
66
	unsigned int	ip4s;
67
	unsigned int	ip6s;
68
	struct in_addr	*ip4;
69
	struct in6_addr	*ip6;
70
};
71
.Ed
72
.Pp
73
.Dq Li version
74
defines the version of the API in use.
75
.Dv JAIL_API_VERSION
76
is defined for the current version.
77
.Pp
78
The
79
.Dq Li path
80
pointer should be set to the directory which is to be the root of the
81
prison.
82
.Pp
83
The
84
.Dq Li hostname
85
pointer can be set to the hostname of the prison.
86
This can be changed
87
from the inside of the prison.
88
.Pp
89
The
90
.Dq Li jailname
91
pointer is an optional name that can be assigned to the jail
92
for example for management purposes.
93
.Pp
94
The
95
.Dq Li ip4s
96
and
97
.Dq Li ip6s
98
give the numbers of IPv4 and IPv6 addresses that will be passed
99
via their respective pointers.
100
.Pp
101
The
102
.Dq Li ip4
103
and
104
.Dq Li ip6
105
pointers can be set to an arrays of IPv4 and IPv6 addresses to be assigned to
106
the prison, or NULL if none.
107
IPv4 addresses must be in network byte order.
108
.Pp
109
This is equivalent to, and deprecated in favor of, the
110
.Fn jail_set
54
.Fn jail_set
111
system call (see below), with the parameters
112
.Va path ,
113
.Va host.hostname ,
114
.Va name ,
115
.Va ip4.addr ,
116
and
117
.Va ip6.addr ,
118
and with the
119
.Dv JAIL_ATTACH
120
flag.
121
.Pp
122
The
123
.Fn jail_set
124
system call creates a new jail, or modifies an existing one, and optionally
55
system call creates a new jail, or modifies an existing one, and optionally
125
locks the current process in it.
56
locks the current process in it.
126
Jail parameters are passed as an array of name-value pairs in the array
57
Jail parameters are passed as an array of name-value pairs in the array
Lines 146-158 Link Here
146
retrieved via the
77
retrieved via the
147
.Va security.jail.param
78
.Va security.jail.param
148
sysctl MIB entry.
79
sysctl MIB entry.
149
Notable parameters include those mentioned in the
80
Notable parameters include
150
.Fn jail
151
description above, as well as
152
.Va jid
81
.Va jid
153
and
82
and
154
.Va name ,
83
.Va name
155
which identify the jail being created or modified.
84
which identify the jail being created or modified,
85
.Va path
86
(the root directory of the jail),
87
.Va host.hostname
88
(the hostname of the jail), and
89
.Va ip4.addr
90
and
91
.Va ip6.addr
92
(IP addresses to assign to the jail).
156
See
93
See
157
.Xr jail 8
94
.Xr jail 8
158
for more information on the core jail parameters.
95
for more information on the core jail parameters.
Lines 237-244 Link Here
237
of that jail.
174
of that jail.
238
.Sh RETURN VALUES
175
.Sh RETURN VALUES
239
If successful,
176
If successful,
240
.Fn jail ,
177
.Fn jail_set
241
.Fn jail_set ,
242
and
178
and
243
.Fn jail_get
179
.Fn jail_get
244
return a non-negative integer, termed the jail identifier (JID).
180
return a non-negative integer, termed the jail identifier (JID).
Lines 249-273 Link Here
249
.Rv -std jail_attach jail_remove
185
.Rv -std jail_attach jail_remove
250
.Sh ERRORS
186
.Sh ERRORS
251
The
187
The
252
.Fn jail
253
system call
254
will fail if:
255
.Bl -tag -width Er
256
.It Bq Er EPERM
257
This process is not allowed to create a jail, either because it is not
258
the super-user, or because it would exceed the jail's
259
.Va children.max
260
limit.
261
.It Bq Er EFAULT
262
.Fa jail
263
points to an address outside the allocated address space of the process.
264
.It Bq Er EINVAL
265
The version number of the argument is not correct.
266
.It Bq Er EAGAIN
267
No free JID could be found.
268
.El
269
.Pp
270
The
271
.Fn jail_set
188
.Fn jail_set
272
system call
189
system call
273
will fail if:
190
will fail if:
Lines 371-378 Link Here
371
.El
288
.El
372
.Pp
289
.Pp
373
Further
290
Further
374
.Fn jail ,
291
.Fn jail_set
375
.Fn jail_set ,
376
and
292
and
377
.Fn jail_attach
293
.Fn jail_attach
378
call
294
call
Lines 386-392 Link Here
386
.Xr chroot 2 ,
302
.Xr chroot 2 ,
387
.Xr jail 8
303
.Xr jail 8
388
.Sh HISTORY
304
.Sh HISTORY
389
The
305
The now-deprecated
390
.Fn jail
306
.Fn jail
391
system call appeared in
307
system call appeared in
392
.Fx 4.0 .
308
.Fx 4.0 .
(-)sbin/hastctl/Makefile (-1 / +1 lines)
Lines 33-39 Link Here
33
CFLAGS+=-DYY_NO_UNPUT
33
CFLAGS+=-DYY_NO_UNPUT
34
CFLAGS+=-DYY_NO_INPUT
34
CFLAGS+=-DYY_NO_INPUT
35
35
36
LIBADD=	md util
36
LIBADD=	jail md util
37
37
38
YFLAGS+=-v
38
YFLAGS+=-v
39
39
(-)sbin/hastd/Makefile (-1 / +1 lines)
Lines 31-37 Link Here
31
CFLAGS+=-DINET6
31
CFLAGS+=-DINET6
32
.endif
32
.endif
33
33
34
LIBADD=	geom md pthread util
34
LIBADD=	geom jail md pthread util
35
35
36
YFLAGS+=-v
36
YFLAGS+=-v
37
37
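--- a/sbin/hastd/subr.c
+++ b/sbin/hastd/subr.c
@@ -45,6 +45,7 @@
 
 #include <errno.h>
 #include <fcntl.h>
+#include <jail.h>
 #include <pwd.h>
 #include <stdarg.h>
 #include <stdbool.h>
@@ -155,7 +156,6 @@
 drop_privs(const struct hast_resource *res)
 {
 	char jailhost[sizeof(res->hr_name) * 2];
-	struct jail jailst;
 	struct passwd *pw;
 	uid_t ruid, euid, suid;
 	gid_t rgid, egid, sgid;
@@ -181,9 +181,6 @@
 		}
 	}
 
-	bzero(&jailst, sizeof(jailst));
-	jailst.version = JAIL_API_VERSION;
-	jailst.path = pw->pw_dir;
 	if (res == NULL) {
 		(void)snprintf(jailhost, sizeof(jailhost), "hastctl");
 	} else {
@@ -190,13 +187,8 @@
 		(void)snprintf(jailhost, sizeof(jailhost), "hastd: %s (%s)",
 		    res->hr_name, role2str(res->hr_role));
 	}
-	jailst.hostname = jailhost;
-	jailst.jailname = NULL;
-	jailst.ip4s = 0;
-	jailst.ip4 = NULL;
-	jailst.ip6s = 0;
-	jailst.ip6 = NULL;
-	if (jail(&jailst) >= 0) {
+	if (jail_setv(JAIL_CREATE | JAIL_ATTACH, "path", pw->pw_dir,
+	    "host.hostname", jailhost, NULL) >= 0) {
 		jailed = true;
 	} else {
 		jailed = false;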
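Review bot: The `jail_setv()` call in drop_privs() names only `path` and `host.hostname`, so the values the removed lines set explicitly (`ip4s = 0`, `ip6s = 0`, no jail name) and the jail's allow flags now come from whatever the kernel assigns to a new jail, and nothing at the call site records that. It is worth confirming that a jail created without `ip4.addr`/`ip6.addr` ends up with the same empty address set the old zero-length arrays gave it, and then saying so in a comment such as `/* No ip4.addr/ip6.addr or allow.* given: the sandbox relies on the kernel defaults for a new jail. */`. The function starts and ends outside these hunks; sandbox() in contrib/openbsm/bin/auditdistd/sandbox.c has the same call.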
(-)share/man/man9/VFS_SET.9 (-4 / +5 lines)
Lines 26-32 Link Here
26
.\"
26
.\"
27
.\" $FreeBSD$
27
.\" $FreeBSD$
28
.\"
28
.\"
29
.Dd February 21, 2013
29
.Dd March 21, 2018
30
.Dt VFS_SET 9
30
.Dt VFS_SET 9
31
.Os
31
.Os
32
.Sh NAME
32
.Sh NAME
Lines 72-80 Link Here
72
File names are stored as Unicode.
72
File names are stored as Unicode.
73
.It Dv VFCF_JAIL
73
.It Dv VFCF_JAIL
74
Can be mounted from within a jail if
74
Can be mounted from within a jail if
75
.Va security.jail.mount_allowed
75
.Va allow.mount
76
sysctl is set to
76
and
77
.Dv 1 .
77
.Va allow.mount.<fsname>
78
jail parameters are set.
78
.It Dv VFCF_DELEGADMIN
79
.It Dv VFCF_DELEGADMIN
79
Supports delegated administration if
80
Supports delegated administration if
80
.Va vfs.usermount
81
.Va vfs.usermount
(-)sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c (-3 / +2 lines)
Lines 5195-5203 Link Here
5195
		 * Privileged non-jail processes may not modify system flags
5195
		 * Privileged non-jail processes may not modify system flags
5196
		 * if securelevel > 0 and any existing system flags are set.
5196
		 * if securelevel > 0 and any existing system flags are set.
5197
		 * Privileged jail processes behave like privileged non-jail
5197
		 * Privileged jail processes behave like privileged non-jail
5198
		 * processes if the security.jail.chflags_allowed sysctl is
5198
		 * processes if the PR_ALLOW_CHFLAGS permission bit is set;
5199
		 * is non-zero; otherwise, they behave like unprivileged
5199
		 * otherwise, they behave like unprivileged processes.
5200
		 * processes.
5201
		 */
5200
		 */
5202
		if (secpolicy_fs_owner(vp->v_mount, cred) == 0 ||
5201
		if (secpolicy_fs_owner(vp->v_mount, cred) == 0 ||
5203
		    priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0) == 0) {
5202
		    priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0) == 0) {
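--- a/sys/compat/freebsd32/freebsd32_misc.c
+++ b/sys/compat/freebsd32/freebsd32_misc.c
@@ -2271,8 +2271,10 @@
 	return (0);
 }
 
+#ifdef COMPAT_FREEBSD11XXX
 int
-freebsd32_jail(struct thread *td, struct freebsd32_jail_args *uap)
+freebsd11_freebsd32_jail(struct thread *td,
+    struct freebsd11_freebsd32_jail_args *uap)
 {
 	uint32_t version;
 	int error;
@@ -2329,8 +2331,9 @@
 		/* Sci-Fi jails are not supported, sorry. */
 		return (EINVAL);
 	}
-	return (kern_jail(td, &j));
+	return (freebsd11_kern_jail(td, &j));
 }
+#endif /* COMPAT_FREEBSD11 */
 
 int
 freebsd32_jail_set(struct thread *td, struct freebsd32_jail_set_args *uap)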
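Review bot: The guard `#ifdef COMPAT_FREEBSD11XXX` reads like a placeholder that presumably no kernel configuration defines, so freebsd11_freebsd32_jail() is never built, and its closing `#endif /* COMPAT_FREEBSD11 */` names a different macro. Together with the `338 AUE_NULL UNIMPL __jailxxx` entries in both syscalls.master files, a binary built against the old ABI that calls jail(2) to confine itself gets an unimplemented syscall rather than a jail, and no visible hunk declares the `struct freebsd11_freebsd32_jail_args` that the new signature uses. If older binaries are meant to keep working, the usual shape is a COMPAT11 entry in syscalls.master with `#ifdef COMPAT_FREEBSD11` here; otherwise deleting the function is clearer than parking it behind a dead guard. freebsd11_jail() and sysctl_jail_list in sys/kern/kern_jail.c carry the same guard.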
(-)sys/compat/freebsd32/freebsd32_proto.h (-5 lines)
Lines 279-287 Link Here
279
struct freebsd32_aio_error_args {
279
struct freebsd32_aio_error_args {
280
	char aiocbp_l_[PADL_(struct aiocb32 *)]; struct aiocb32 * aiocbp; char aiocbp_r_[PADR_(struct aiocb32 *)];
280
	char aiocbp_l_[PADL_(struct aiocb32 *)]; struct aiocb32 * aiocbp; char aiocbp_r_[PADR_(struct aiocb32 *)];
281
};
281
};
282
struct freebsd32_jail_args {
283
	char jail_l_[PADL_(struct jail32 *)]; struct jail32 * jail; char jail_r_[PADR_(struct jail32 *)];
284
};
285
struct freebsd32_sigtimedwait_args {
282
struct freebsd32_sigtimedwait_args {
286
	char set_l_[PADL_(const sigset_t *)]; const sigset_t * set; char set_r_[PADR_(const sigset_t *)];
283
	char set_l_[PADL_(const sigset_t *)]; const sigset_t * set; char set_r_[PADR_(const sigset_t *)];
287
	char info_l_[PADL_(siginfo_t *)]; siginfo_t * info; char info_r_[PADR_(siginfo_t *)];
284
	char info_l_[PADL_(siginfo_t *)]; siginfo_t * info; char info_r_[PADR_(siginfo_t *)];
Lines 756-762 Link Here
756
int	freebsd32_aio_return(struct thread *, struct freebsd32_aio_return_args *);
753
int	freebsd32_aio_return(struct thread *, struct freebsd32_aio_return_args *);
757
int	freebsd32_aio_suspend(struct thread *, struct freebsd32_aio_suspend_args *);
754
int	freebsd32_aio_suspend(struct thread *, struct freebsd32_aio_suspend_args *);
758
int	freebsd32_aio_error(struct thread *, struct freebsd32_aio_error_args *);
755
int	freebsd32_aio_error(struct thread *, struct freebsd32_aio_error_args *);
759
int	freebsd32_jail(struct thread *, struct freebsd32_jail_args *);
760
int	freebsd32_sigtimedwait(struct thread *, struct freebsd32_sigtimedwait_args *);
756
int	freebsd32_sigtimedwait(struct thread *, struct freebsd32_sigtimedwait_args *);
761
int	freebsd32_sigwaitinfo(struct thread *, struct freebsd32_sigwaitinfo_args *);
757
int	freebsd32_sigwaitinfo(struct thread *, struct freebsd32_sigwaitinfo_args *);
762
int	freebsd32_aio_waitcomplete(struct thread *, struct freebsd32_aio_waitcomplete_args *);
758
int	freebsd32_aio_waitcomplete(struct thread *, struct freebsd32_aio_waitcomplete_args *);
Lines 1311-1317 Link Here
1311
#define	FREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_write	AUE_AIO_WRITE
1307
#define	FREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_write	AUE_AIO_WRITE
1312
#define	FREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio	AUE_LIO_LISTIO
1308
#define	FREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio	AUE_LIO_LISTIO
1313
#define	FREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile	AUE_SENDFILE
1309
#define	FREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile	AUE_SENDFILE
1314
#define	FREEBSD32_SYS_AUE_freebsd32_jail	AUE_JAIL
1315
#define	FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction	AUE_SIGACTION
1310
#define	FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction	AUE_SIGACTION
1316
#define	FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn	AUE_SIGRETURN
1311
#define	FREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn	AUE_SIGRETURN
1317
#define	FREEBSD32_SYS_AUE_freebsd32_sigtimedwait	AUE_SIGWAIT
1312
#define	FREEBSD32_SYS_AUE_freebsd32_sigtimedwait	AUE_SIGWAIT
(-)sys/compat/freebsd32/freebsd32_syscall.h (-1 lines)
Lines 275-281 Link Here
275
#define	FREEBSD32_SYS_utrace	335
275
#define	FREEBSD32_SYS_utrace	335
276
				/* 336 is freebsd4 freebsd32_sendfile */
276
				/* 336 is freebsd4 freebsd32_sendfile */
277
#define	FREEBSD32_SYS_kldsym	337
277
#define	FREEBSD32_SYS_kldsym	337
278
#define	FREEBSD32_SYS_freebsd32_jail	338
279
#define	FREEBSD32_SYS_sigprocmask	340
278
#define	FREEBSD32_SYS_sigprocmask	340
280
#define	FREEBSD32_SYS_sigsuspend	341
279
#define	FREEBSD32_SYS_sigsuspend	341
281
				/* 342 is freebsd4 freebsd32_sigaction */
280
				/* 342 is freebsd4 freebsd32_sigaction */
(-)sys/compat/freebsd32/freebsd32_syscalls.c (-1 / +1 lines)
Lines 347-353 Link Here
347
	"utrace",			/* 335 = utrace */
347
	"utrace",			/* 335 = utrace */
348
	"compat4.freebsd32_sendfile",		/* 336 = freebsd4 freebsd32_sendfile */
348
	"compat4.freebsd32_sendfile",		/* 336 = freebsd4 freebsd32_sendfile */
349
	"kldsym",			/* 337 = kldsym */
349
	"kldsym",			/* 337 = kldsym */
350
	"freebsd32_jail",			/* 338 = freebsd32_jail */
350
	"#338",			/* 338 = __jailxxx */
351
	"#339",			/* 339 = pioctl */
351
	"#339",			/* 339 = pioctl */
352
	"sigprocmask",			/* 340 = sigprocmask */
352
	"sigprocmask",			/* 340 = sigprocmask */
353
	"sigsuspend",			/* 341 = sigsuspend */
353
	"sigsuspend",			/* 341 = sigsuspend */
(-)sys/compat/freebsd32/freebsd32_sysent.c (-1 / +1 lines)
Lines 396-402 Link Here
396
	{ AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 335 = utrace */
396
	{ AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 335 = utrace */
397
	{ compat4(AS(freebsd4_freebsd32_sendfile_args),freebsd32_sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 336 = freebsd4 freebsd32_sendfile */
397
	{ compat4(AS(freebsd4_freebsd32_sendfile_args),freebsd32_sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 336 = freebsd4 freebsd32_sendfile */
398
	{ AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC },	/* 337 = kldsym */
398
	{ AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC },	/* 337 = kldsym */
399
	{ AS(freebsd32_jail_args), (sy_call_t *)freebsd32_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC },	/* 338 = freebsd32_jail */
399
	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT },			/* 338 = __jailxxx */
400
	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT },			/* 339 = pioctl */
400
	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT },			/* 339 = pioctl */
401
	{ AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 340 = sigprocmask */
401
	{ AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 340 = sigprocmask */
402
	{ AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 341 = sigsuspend */
402
	{ AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 341 = sigsuspend */
(-)sys/compat/freebsd32/freebsd32_systrace_args.c (-22 lines)
Lines 1584-1596 Link Here
1584
		*n_args = 3;
1584
		*n_args = 3;
1585
		break;
1585
		break;
1586
	}
1586
	}
1587
	/* freebsd32_jail */
1588
	case 338: {
1589
		struct freebsd32_jail_args *p = params;
1590
		uarg[0] = (intptr_t) p->jail; /* struct jail32 * */
1591
		*n_args = 1;
1592
		break;
1593
	}
1594
	/* sigprocmask */
1587
	/* sigprocmask */
1595
	case 340: {
1588
	case 340: {
1596
		struct sigprocmask_args *p = params;
1589
		struct sigprocmask_args *p = params;
Lines 5778-5793 Link Here
5778
			break;
5771
			break;
5779
		};
5772
		};
5780
		break;
5773
		break;
5781
	/* freebsd32_jail */
5782
	case 338:
5783
		switch(ndx) {
5784
		case 0:
5785
			p = "userland struct jail32 *";
5786
			break;
5787
		default:
5788
			break;
5789
		};
5790
		break;
5791
	/* sigprocmask */
5774
	/* sigprocmask */
5792
	case 340:
5775
	case 340:
5793
		switch(ndx) {
5776
		switch(ndx) {
Lines 9755-9765 Link Here
9755
		if (ndx == 0 || ndx == 1)
9738
		if (ndx == 0 || ndx == 1)
9756
			p = "int";
9739
			p = "int";
9757
		break;
9740
		break;
9758
	/* freebsd32_jail */
9759
	case 338:
9760
		if (ndx == 0 || ndx == 1)
9761
			p = "int";
9762
		break;
9763
	/* sigprocmask */
9741
	/* sigprocmask */
9764
	case 340:
9742
	case 340:
9765
		if (ndx == 0 || ndx == 1)
9743
		if (ndx == 0 || ndx == 1)
(-)sys/compat/freebsd32/syscalls.master (-1 / +1 lines)
Lines 606-612 Link Here
606
				    off_t *sbytes, int flags); }
606
				    off_t *sbytes, int flags); }
607
337	AUE_NULL	NOPROTO	{ int kldsym(int fileid, int cmd, \
607
337	AUE_NULL	NOPROTO	{ int kldsym(int fileid, int cmd, \
608
				    void *data); }
608
				    void *data); }
609
338	AUE_JAIL	STD	{ int freebsd32_jail(struct jail32 *jail); }
609
338	AUE_NULL	UNIMPL	__jailxxx
610
339	AUE_NULL	UNIMPL	pioctl
610
339	AUE_NULL	UNIMPL	pioctl
611
340	AUE_SIGPROCMASK	NOPROTO	{ int sigprocmask(int how, \
611
340	AUE_SIGPROCMASK	NOPROTO	{ int sigprocmask(int how, \
612
				    const sigset_t *set, sigset_t *oset); }
612
				    const sigset_t *set, sigset_t *oset); }
(-)sys/fs/nandfs/nandfs_vnops.c (-3 / +2 lines)
Lines 834-842 Link Here
834
		 * Privileged non-jail processes may not modify system flags
834
		 * Privileged non-jail processes may not modify system flags
835
		 * if securelevel > 0 and any existing system flags are set.
835
		 * if securelevel > 0 and any existing system flags are set.
836
		 * Privileged jail processes behave like privileged non-jail
836
		 * Privileged jail processes behave like privileged non-jail
837
		 * processes if the security.jail.chflags_allowed sysctl is
837
		 * processes if the PR_ALLOW_CHFLAGS permission bit is set;
838
		 * is non-zero; otherwise, they behave like unprivileged
838
		 * otherwise, they behave like unprivileged processes.
839
		 * processes.
840
		 */
839
		 */
841
840
842
		flags = inode->i_flags;
841
		flags = inode->i_flags;
(-)sys/kern/init_sysent.c (-1 / +1 lines)
Lines 389-395 Link Here
389
	{ AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 335 = utrace */
389
	{ AS(utrace_args), (sy_call_t *)sys_utrace, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 335 = utrace */
390
	{ compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 336 = freebsd4 sendfile */
390
	{ compat4(AS(freebsd4_sendfile_args),sendfile), AUE_SENDFILE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 336 = freebsd4 sendfile */
391
	{ AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC },	/* 337 = kldsym */
391
	{ AS(kldsym_args), (sy_call_t *)sys_kldsym, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC },	/* 337 = kldsym */
392
	{ AS(jail_args), (sy_call_t *)sys_jail, AUE_JAIL, NULL, 0, 0, 0, SY_THR_STATIC },	/* 338 = jail */
392
	{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT },			/* 338 = __jailxxx */
393
	{ AS(nnpfs_syscall_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT },	/* 339 = nnpfs_syscall */
393
	{ AS(nnpfs_syscall_args), (sy_call_t *)lkmressys, AUE_NULL, NULL, 0, 0, 0, SY_THR_ABSENT },	/* 339 = nnpfs_syscall */
394
	{ AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 340 = sigprocmask */
394
	{ AS(sigprocmask_args), (sy_call_t *)sys_sigprocmask, AUE_SIGPROCMASK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 340 = sigprocmask */
395
	{ AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 341 = sigsuspend */
395
	{ AS(sigsuspend_args), (sy_call_t *)sys_sigsuspend, AUE_SIGSUSPEND, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },	/* 341 = sigsuspend */
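--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -208,9 +208,11 @@
 #define	JAIL_DEFAULT_ALLOW		(PR_ALLOW_SET_HOSTNAME | PR_ALLOW_RESERVED_PORTS)
 #define	JAIL_DEFAULT_ENFORCE_STATFS	2
 #define	JAIL_DEFAULT_DEVFS_RSNUM	0
+#ifdef BURN_BRIDGESXXX
 static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW;
 static int jail_default_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS;
 static int jail_default_devfs_rsnum = JAIL_DEFAULT_DEVFS_RSNUM;
+#endif
 #if defined(INET) || defined(INET6)
 static unsigned jail_max_af_ips = 255;
 #endif
@@ -228,6 +230,7 @@
 	strlcpy(prison0.pr_osrelease, osrelease, sizeof(prison0.pr_osrelease));
 }
 
+#ifdef COMPAT_FREEBSD11XXX
 /*
  * struct jail_args {
  *	struct jail *jail;
@@ -234,7 +237,7 @@
  * };
  */
 int
-sys_jail(struct thread *td, struct jail_args *uap)
+freebsd11_jail(struct thread *td, struct freebsd11_jail_args *uap)
 {
 	uint32_t version;
 	int error;
@@ -279,13 +282,16 @@
 		/* Sci-Fi jails are not supported, sorry. */
 		return (EINVAL);
 	}
-	return (kern_jail(td, &j));
+	return (freebsd11_kern_jail(td, &j));
 }
 
 int
-kern_jail(struct thread *td, struct jail *j)
+freebsd11_kern_jail(struct thread *td, struct jail *j)
 {
-	struct iovec optiov[2 * (4 + nitems(pr_flag_allow)
+	struct iovec optiov[2 * (3
+#ifdef BURN_BRIDGESXXX
+			    + 1 + nitems(pr_flag_allow)
+#endif
 #ifdef INET
 			    + 1
 #endif
@@ -295,7 +301,10 @@
 			    )];
 	struct uio opt;
 	char *u_path, *u_hostname, *u_name;
+#ifdef BURN_BRIDGESXXX
 	struct bool_flags *bf;
+	int enforce_statfs;
+#endif
 #ifdef INET
 	uint32_t ip4s;
 	struct in_addr *u_ip4;
@@ -304,7 +313,7 @@
 	struct in6_addr *u_ip6;
 #endif
 	size_t tmplen;
-	int error, enforce_statfs;
+	int error;
 
 	bzero(&optiov, sizeof(optiov));
 	opt.uio_iov = optiov;
@@ -315,6 +324,7 @@
 	opt.uio_rw = UIO_READ;
 	opt.uio_td = td;
 
+#ifdef BURN_BRIDGESXXX
 	/* Set permissions for top-level jails from sysctls. */
 	if (!jailed(td->td_ucred)) {
 		for (bf = pr_flag_allow;
@@ -335,6 +345,7 @@
 		optiov[opt.uio_iovcnt].iov_len = sizeof(enforce_statfs);
 		opt.uio_iovcnt++;
 	}
+#endif
 
 	tmplen = MAXPATHLEN + MAXHOSTNAMELEN + MAXHOSTNAMELEN;
 #ifdef INET
@@ -438,6 +449,7 @@
 	free(u_path, M_TEMP);
 	return (error);
 }
+#endif /* COMPAT_FREEBSD11 */
 
 
 /*
@@ -1255,7 +1267,11 @@
 
 		pr->pr_securelevel = ppr->pr_securelevel;
 		pr->pr_allow = JAIL_DEFAULT_ALLOW & ppr->pr_allow;
+#ifndef BURN_BRIDGESXXX
+		pr->pr_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS;
+#else
 		pr->pr_enforce_statfs = jail_default_enforce_statfs;
+#endif
 		pr->pr_devfs_rsnum = ppr->pr_devfs_rsnum;
 
 		pr->pr_osreldate = osreldt ? osreldt : ppr->pr_osreldate;
@@ -3407,6 +3423,7 @@
 static SYSCTL_NODE(_security, OID_AUTO, jail, CTLFLAG_RW, 0,
     "Jails");
 
+#ifdef COMPAT_FREEBSD11XXX
 static int
 sysctl_jail_list(SYSCTL_HANDLER_ARGS)
 {
@@ -3510,6 +3527,7 @@
 SYSCTL_OID(_security_jail, OID_AUTO, list,
     CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
     sysctl_jail_list, "S", "List of active jails");
+#endif /* COMPAT_FREEBSD11 */
 
 static int
 sysctl_jail_jailed(SYSCTL_HANDLER_ARGS)
@@ -3549,9 +3567,10 @@
 #if defined(INET) || defined(INET6)
 SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW,
     &jail_max_af_ips, 0,
-    "Number of IP addresses a jail may have at most per address family (deprecated)");
+    "Number of IP addresses a jail may have at most per address family");
 #endif
 
+#ifdef BURN_BRIDGESXXX
 /*
  * Default parameters for jail(2) compatibility.  For historical reasons,
  * the sysctl names have varying similarity to the parameter names.  Prisons
@@ -3669,6 +3688,7 @@
     &jail_default_devfs_rsnum, offsetof(struct prison, pr_devfs_rsnum),
     sysctl_jail_default_level, "I",
     "Ruleset for the devfs filesystem in jail (deprecated)");
+#endif /* !BURN_BRIDGES */
 
 /*
  * Nodes to describe jail parameters.  Maximum length of string parameters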
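--- a/sys/kern/syscalls.c
+++ b/sys/kern/syscalls.c
@@ -344,7 +344,7 @@
 	"utrace",			/* 335 = utrace */
 	"compat4.sendfile",		/* 336 = freebsd4 sendfile */
 	"kldsym",			/* 337 = kldsym */
-	"jail",			/* 338 = jail */
+	"#338",			/* 338 = __jailxxx */
 	"nnpfs_syscall",			/* 339 = nnpfs_syscall */
 	"sigprocmask",			/* 340 = sigprocmask */
 	"sigsuspend",			/* 341 = sigsuspend */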
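--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -595,7 +595,7 @@
 				    int flags); }
 337	AUE_NULL	STD	{ int kldsym(int fileid, int cmd, \
 				    void *data); }
-338	AUE_JAIL	STD	{ int jail(struct jail *jail); }
+338	AUE_NULL	UNIMPL	__jailxxx
 339	AUE_NULL	NOSTD|NOTSTATIC	{ int nnpfs_syscall(int operation, \
 				    char *a_pathP, int a_opcode, \
 				    void *a_paramsP, int a_followSymlinks); }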
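Review bot: Slot 338 becomes `UNIMPL __jailxxx` rather than a `COMPAT11` entry, so a binary built against the old jail(2) stub would presumably fail as an unimplemented syscall instead of reaching a compat path; the `freebsd11_kern_jail` prototype added in sys/sys/syscallsubr.h has no dispatcher in this table. The audit event also changes from `AUE_JAIL` to `AUE_NULL`, so any remaining caller of this slot would no longer be recorded as a jail operation in the audit trail. If FreeBSD 11 binaries are meant to keep working, the line would read something like `338	AUE_JAIL	COMPAT11	{ int jail(struct jail *jail); }`; otherwise the `xxx` placeholder name should be replaced with a final one before commit.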
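--- a/sys/kern/systrace_args.c
+++ b/sys/kern/systrace_args.c
@@ -1618,13 +1618,6 @@
 		*n_args = 3;
 		break;
 	}
-	/* jail */
-	case 338: {
-		struct jail_args *p = params;
-		uarg[0] = (intptr_t) p->jail; /* struct jail * */
-		*n_args = 1;
-		break;
-	}
 	/* nnpfs_syscall */
 	case 339: {
 		struct nnpfs_syscall_args *p = params;
@@ -5839,16 +5832,6 @@
 			break;
 		};
 		break;
-	/* jail */
-	case 338:
-		switch(ndx) {
-		case 0:
-			p = "userland struct jail *";
-			break;
-		default:
-			break;
-		};
-		break;
 	/* nnpfs_syscall */
 	case 339:
 		switch(ndx) {
@@ -9729,11 +9712,6 @@
 		if (ndx == 0 || ndx == 1)
 			p = "int";
 		break;
-	/* jail */
-	case 338:
-		if (ndx == 0 || ndx == 1)
-			p = "int";
-		break;
 	/* nnpfs_syscall */
 	case 339:
 		if (ndx == 0 || ndx == 1)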
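--- a/sys/sys/jail.h
+++ b/sys/sys/jail.h
@@ -32,6 +32,7 @@
 #ifndef _SYS_JAIL_H_
 #define _SYS_JAIL_H_
 
+#ifdef COMPAT_FREEBSD11
 #ifdef _KERNEL
 struct jail_v0 {
 	u_int32_t	version;
@@ -57,16 +58,6 @@
  * For all xprison structs, always keep the pr_version an int and
  * the first variable so userspace can easily distinguish them.
  */
-#ifndef _KERNEL
-struct xprison_v1 {
-	int		 pr_version;
-	int		 pr_id;
-	char		 pr_path[MAXPATHLEN];
-	char		 pr_host[MAXHOSTNAMELEN];
-	u_int32_t	 pr_ip;
-};
-#endif
-
 struct xprison {
 	int		 pr_version;
 	int		 pr_id;
@@ -91,6 +82,7 @@
 #define	PRISON_STATE_INVALID	0
 #define	PRISON_STATE_ALIVE	1
 #define	PRISON_STATE_DYING	2
+#endif /* COMPAT_FREEBSD11 */
 
 /*
  * Flags for jail_set and jail_get.
@@ -110,7 +102,6 @@
 
 struct iovec;
 
-int jail(struct jail *);
 int jail_set(struct iovec *, unsigned int, int);
 int jail_get(struct iovec *, unsigned int, int);
 int jail_attach(int);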
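Review bot: The new `#ifdef COMPAT_FREEBSD11` opens before `#ifdef _KERNEL` and closes after `PRISON_STATE_DYING`, so `struct xprison` and the `PRISON_STATE_*` constants are hidden from every consumer that does not define that kernel option, userland included. That looks intentional given the removal of `int jail(struct jail *);`, but the header does not say so. In kernel code the guard presumably only works where the option header (opt_compat.h, if that is where it comes from) is included before this file. A comment at the guard would help, e.g. `/* Legacy jail(2) ABI structures; only for kernels built with COMPAT_FREEBSD11. */`. The `struct jail` definition lies between the hunks and is not visible here, so it should be checked that it is covered as intended.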
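--- a/sys/sys/syscall.h
+++ b/sys/sys/syscall.h
@@ -280,7 +280,6 @@
 #define	SYS_utrace	335
 				/* 336 is freebsd4 sendfile */
 #define	SYS_kldsym	337
-#define	SYS_jail	338
 #define	SYS_nnpfs_syscall	339
 #define	SYS_sigprocmask	340
 #define	SYS_sigsuspend	341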
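--- a/sys/sys/syscall.mk
+++ b/sys/sys/syscall.mk
@@ -211,7 +211,6 @@
 	sched_rr_get_interval.o \
 	utrace.o \
 	kldsym.o \
-	jail.o \
 	nnpfs_syscall.o \
 	sigprocmask.o \
 	sigsuspend.o \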
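--- a/sys/sys/syscallsubr.h
+++ b/sys/sys/syscallsubr.h
@@ -141,7 +141,6 @@
 int	kern_getsockopt(struct thread *td, int s, int level, int name,
 	    void *optval, enum uio_seg valseg, socklen_t *valsize);
 int	kern_ioctl(struct thread *td, int fd, u_long com, caddr_t data);
-int	kern_jail(struct thread *td, struct jail *j);
 int	kern_jail_get(struct thread *td, struct uio *options, int flags);
 int	kern_jail_set(struct thread *td, struct uio *options, int flags);
 int	kern_kevent(struct thread *td, int fd, int nchanges, int nevents,
@@ -306,5 +305,6 @@
 
 int	freebsd11_kern_getdirentries(struct thread *td, int fd, char *ubuf, u_int
 	    count, long *basep, void (*func)(struct freebsd11_dirent *));
+int	freebsd11_kern_jail(struct thread *td, struct jail *j);
 
 #endif /* !_SYS_SYSCALLSUBR_H_ */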
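--- a/sys/sys/sysproto.h
+++ b/sys/sys/sysproto.h
@@ -852,9 +852,6 @@
 	char cmd_l_[PADL_(int)]; int cmd; char cmd_r_[PADR_(int)];
 	char data_l_[PADL_(void *)]; void * data; char data_r_[PADR_(void *)];
 };
-struct jail_args {
-	char jail_l_[PADL_(struct jail *)]; struct jail * jail; char jail_r_[PADR_(struct jail *)];
-};
 struct nnpfs_syscall_args {
 	char operation_l_[PADL_(int)]; int operation; char operation_r_[PADR_(int)];
 	char a_pathP_l_[PADL_(char *)]; char * a_pathP; char a_pathP_r_[PADR_(char *)];
@@ -1965,7 +1962,6 @@
 int	sys_sched_rr_get_interval(struct thread *, struct sched_rr_get_interval_args *);
 int	sys_utrace(struct thread *, struct utrace_args *);
 int	sys_kldsym(struct thread *, struct kldsym_args *);
-int	sys_jail(struct thread *, struct jail_args *);
 int	sys_nnpfs_syscall(struct thread *, struct nnpfs_syscall_args *);
 int	sys_sigprocmask(struct thread *, struct sigprocmask_args *);
 int	sys_sigsuspend(struct thread *, struct sigsuspend_args *);
@@ -2849,7 +2845,6 @@
 #define	SYS_AUE_utrace	AUE_NULL
 #define	SYS_AUE_freebsd4_sendfile	AUE_SENDFILE
 #define	SYS_AUE_kldsym	AUE_NULL
-#define	SYS_AUE_jail	AUE_JAIL
 #define	SYS_AUE_nnpfs_syscall	AUE_NULL
 #define	SYS_AUE_sigprocmask	AUE_SIGPROCMASK
 #define	SYS_AUE_sigsuspend	AUE_SIGSUSPEND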
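--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@@ -550,9 +550,8 @@
 		 * Privileged non-jail processes may not modify system flags
 		 * if securelevel > 0 and any existing system flags are set.
 		 * Privileged jail processes behave like privileged non-jail
-		 * processes if the security.jail.chflags_allowed sysctl is
-		 * is non-zero; otherwise, they behave like unprivileged
-		 * processes.
+		 * processes if the PR_ALLOW_CHFLAGS permission bit is set;
+		 * otherwise, they behave like unprivileged processes.
 		 */
 		if (!priv_check_cred(cred, PRIV_VFS_SYSFLAGS, 0)) {
 			if (ip->i_flags &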
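--- a/tools/regression/netinet/udpconnectjail/Makefile
+++ b/tools/regression/netinet/udpconnectjail/Makefile
@@ -4,4 +4,6 @@
 MAN=
 WARNS?=	2
 
+LIBADD+=	jail
+
 .include <bsd.prog.mk>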
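--- a/tools/regression/netinet/udpconnectjail/udpconnectjail.c
+++ b/tools/regression/netinet/udpconnectjail/udpconnectjail.c
@@ -36,6 +36,7 @@
 
 #include <err.h>
 #include <errno.h>
+#include <jail.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -76,8 +77,6 @@
 main(int argc, __unused char *argv[])
 {
 	struct sockaddr_in sin;
-	struct jail thejail;
-	struct in_addr ia4;
 
 	if (argc != 1)
 		usage();
@@ -95,19 +94,9 @@
 
 	/*
 	 * Now re-run in a jail.
-	 * XXX-BZ should switch to jail_set(2).
 	 */
-	ia4.s_addr = htonl(INADDR_LOOPBACK);
-
-	bzero(&thejail, sizeof(thejail));
-	thejail.version = JAIL_API_VERSION;
-	thejail.path = "/";
-	thejail.hostname = "jail";
-	thejail.jailname = "udpconnectjail";
-	thejail.ip4s = 1;
-	thejail.ip4 = &ia4;
-	
-	if (jail(&thejail) < 0)
+	if (jail_setv(JAIL_CREATE | JAIL_ATTACH, "name", "udpconnectjail",
+	    "host.hostname", "jail", "ip4.addr", "127.0.0.1", NULL) < 0)
 		errx(-1, "jail: %s", strerror(errno));
 	test("in jail", &sin);
 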
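Review bot: When `jail_setv()` fails, the test prints only `strerror(errno)`, which drops the parameter-level message that libjail leaves in `jail_errmsg`. With a string-based interface, a mistyped parameter name or address is the likely failure, and errno alone will not identify it. Suggest `errx(-1, "jail: %s", jail_errmsg);` here, and likewise reporting `jail_errmsg` at the `err(-1, "test %s: jail", test)` call in tools/regression/priv/main.c. The new call also no longer passes `path`, which the old code set to "/"; this presumably relies on the kernel default, and a short comment saying so would help.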
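--- a/tools/regression/priv/Makefile
+++ b/tools/regression/priv/Makefile
@@ -48,7 +48,7 @@
 MAN=
 WARNS?=	3
 
-LIBADD+=	ipsec
+LIBADD+=	ipsec jail
 
 .if ${MK_INET6_SUPPORT} != "no"
 CFLAGS+= -DINET6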
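--- a/tools/regression/priv/main.c
+++ b/tools/regression/priv/main.c
@@ -45,6 +45,7 @@
 
 #include <err.h>
 #include <errno.h>
+#include <jail.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -438,25 +439,13 @@
 static void
 enter_jail(const char *test)
 {
-	struct jail j;
-	struct in_addr ia4;
-#ifdef INET6
-	struct in6_addr ia6 = IN6ADDR_LOOPBACK_INIT;
-#endif
 
-	bzero(&j, sizeof(j));
-	j.version = JAIL_API_VERSION;
-	j.path = "/";
-	j.hostname = "test";
-	j.jailname = "regressions/priv";
-	ia4.s_addr = htonl(INADDR_LOOPBACK);
-	j.ip4s = 1;
-	j.ip4 = &ia4;
+	if (jail_setv(JAIL_CREATE | JAIL_ATTACH, "name", "regressions/priv",
+	    "host.hostname", "test", "ip4.addr", "127.0.0.1",
 #ifdef INET6
-	j.ip6s = 1;
-	j.ip6 = &ia6;
+	    "ip6.addr", "::1",
 #endif
-	if (jail(&j) < 0)
+	    NULL) < 0)
 		err(-1, "test %s: jail", test);
 }
 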
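--- a/tools/tools/sysdoc/tunables.mdoc
+++ b/tools/tools/sysdoc/tunables.mdoc
@@ -1728,19 +1728,6 @@
 security.bsd.unprivileged_read_msgbuf
 
 ---
-security.jail.set_hostname_allowed
-bool
-
-Determines whether or not the root user
-within the jail can set the hostname.
-
----
-security.jail.socket_unixiproute_only
-
----
-security.jail.sysvipc_allowed
-
----
 security.mac.biba.enabled
 bool
 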
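--- a/usr.sbin/auditdistd/Makefile
+++ b/usr.sbin/auditdistd/Makefile
@@ -21,7 +21,7 @@
 SRCS+=	token.l trail.c
 MAN=	auditdistd.8 auditdistd.conf.5
 
-LIBADD+=	l pthread util crypto ssl
+LIBADD+=	jail l pthread util crypto ssl
 
 YFLAGS+=-v
 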
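--- a/usr.sbin/jail/config.c
+++ b/usr.sbin/jail/config.c
@@ -32,7 +32,9 @@
 #include <sys/types.h>
 #include <sys/errno.h>
 #include <sys/socket.h>
+#ifndef BURN_BRIDGES
 #include <sys/sysctl.h>
+#endif
 
 #include <arpa/inet.h>
 #include <netinet/in.h>
@@ -98,6 +100,7 @@
 #endif
     [IP__MOUNT_FROM_FSTAB] =	{"mount.fstab",	PF_INTERNAL | PF_CONV | PF_REV},
     [IP__OP] =			{NULL,			PF_CONV},
+#ifndef BURN_BRIDGES
     [KP_ALLOW_CHFLAGS] =	{"allow.chflags",	0},
     [KP_ALLOW_MOUNT] =		{"allow.mount",		0},
     [KP_ALLOW_RAW_SOCKETS] =	{"allow.raw_sockets",	0},
@@ -104,8 +107,11 @@
     [KP_ALLOW_SET_HOSTNAME]=	{"allow.set_hostname",	0},
     [KP_ALLOW_SOCKET_AF] =	{"allow.socket_af",	0},
     [KP_ALLOW_SYSVIPC] =	{"allow.sysvipc",	0},
+#endif
     [KP_DEVFS_RULESET] =	{"devfs_ruleset",	0},
+#ifndef BURN_BRIDGES
     [KP_ENFORCE_STATFS] =	{"enforce_statfs",	0},
+#endif
     [KP_HOST_HOSTNAME] =	{"host.hostname",	0},
 #ifdef INET
     [KP_IP4_ADDR] =		{"ip4.addr",		0},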
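--- a/usr.sbin/jail/jail.c
+++ b/usr.sbin/jail/jail.c
@@ -33,7 +33,9 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
+#ifndef BURN_BRIDGES
 #include <sys/sysctl.h>
+#endif
 
 #include <arpa/inet.h>
 #include <netinet/in.h>
@@ -74,6 +76,7 @@
 static void quoted_print(FILE *fp, char *str);
 static void usage(void);
 
+#ifndef BURN_BRIDGES
 static struct permspec perm_sysctl[] = {
     { "security.jail.set_hostname_allowed", KP_ALLOW_SET_HOSTNAME, 0 },
     { "security.jail.sysvipc_allowed", KP_ALLOW_SYSVIPC, 0 },
@@ -82,6 +85,7 @@
     { "security.jail.mount_allowed", KP_ALLOW_MOUNT, 0 },
     { "security.jail.socket_unixiproute_only", KP_ALLOW_SOCKET_AF, 1 },
 };
+#endif
 
 static const enum intparam startcommands[] = {
     IP__NULL,
@@ -260,6 +264,7 @@
 #endif
 		for (i = 3; i < argc; i++)
 			add_param(NULL, NULL, IP_COMMAND, argv[i]);
+#ifndef BURN_BRIDGES
 		/* Emulate the defaults from security.jail.* sysctls. */
 		sysvallen = sizeof(sysval);
 		if (sysctlbyname("security.jail.jailed", &sysval, &sysvallen,
@@ -284,6 +289,7 @@
 				    enforce_statfs);
 			}
 		}
+#endif
 	} else if (op == JF_STOP) {
 		/* Jail remove, perhaps using the config file */
 		if (!docf || argc == 0)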
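Review bot: The `#ifndef BURN_BRIDGES` around the "Emulate the defaults from security.jail.* sysctls" block changes which permissions a jail started with the old command-line syntax receives, and neither guard says so. With BURN_BRIDGES defined, the allow.* and enforce_statfs defaults would presumably come from the kernel alone; a comment such as `/* Without this, legacy-syntax jails get only the kernel default permissions. */` at the opening guard would make that visible. The closing directives are bare `#endif`; `#endif /* !BURN_BRIDGES */` would match the style used in the sys/kern part of this patch. The locals `sysval` and `sysvallen` are declared outside the hunk and may become unused in that configuration, and the enclosing function continues outside the hunk.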
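--- a/usr.sbin/jail/jailp.h
+++ b/usr.sbin/jail/jailp.h
@@ -112,6 +112,7 @@
 #endif
 	IP__MOUNT_FROM_FSTAB,	/* Line from mount.fstab file */
 	IP__OP,			/* Placeholder for requested operation */
+#ifndef BURN_BRIDGES
 	KP_ALLOW_CHFLAGS,
 	KP_ALLOW_MOUNT,
 	KP_ALLOW_RAW_SOCKETS,
@@ -118,8 +119,11 @@
 	KP_ALLOW_SET_HOSTNAME,
 	KP_ALLOW_SOCKET_AF,
 	KP_ALLOW_SYSVIPC,
+#endif
 	KP_DEVFS_RULESET,
+#ifndef BURN_BRIDGES
 	KP_ENFORCE_STATFS,
+#endif
 	KP_HOST_HOSTNAME,
 #ifdef INET
 	KP_IP4_ADDR,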
