From 03af441cb0b61fa62531e16978deba3189a56104 Mon Sep 17 00:00:00 2001 From: Alexander Leidinger Date: Sun, 9 Jul 2017 06:40:16 +0000 Subject: [PATCH] - Extend pr_allow flags visually to 32 bits, to make it more obvious at first look how much flags we still have available to use in the future. - Add kmem_access flag as a placeholder (reserve it), not used yet. Differential Revision: D11451 Reviewed by: jamie Sponsored by: Hackathon Essen 2017 --- sys/sys/jail.h | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/sys/sys/jail.h b/sys/sys/jail.h index 2c329b5d32b7..91c694f2fba7 100644 --- a/sys/sys/jail.h +++ b/sys/sys/jail.h @@ -215,23 +215,24 @@ struct prison_racct { /* by this jail or an ancestor */ /* Flags for pr_allow */ -#define PR_ALLOW_SET_HOSTNAME 0x0001 -#define PR_ALLOW_SYSVIPC 0x0002 -#define PR_ALLOW_RAW_SOCKETS 0x0004 -#define PR_ALLOW_CHFLAGS 0x0008 -#define PR_ALLOW_MOUNT 0x0010 -#define PR_ALLOW_QUOTAS 0x0020 -#define PR_ALLOW_SOCKET_AF 0x0040 -#define PR_ALLOW_MOUNT_DEVFS 0x0080 -#define PR_ALLOW_MOUNT_NULLFS 0x0100 -#define PR_ALLOW_MOUNT_ZFS 0x0200 -#define PR_ALLOW_MOUNT_PROCFS 0x0400 -#define PR_ALLOW_MOUNT_TMPFS 0x0800 -#define PR_ALLOW_MOUNT_FDESCFS 0x1000 -#define PR_ALLOW_MOUNT_LINPROCFS 0x2000 -#define PR_ALLOW_MOUNT_LINSYSFS 0x4000 -#define PR_ALLOW_RESERVED_PORTS 0x8000 -#define PR_ALLOW_ALL 0xffff +#define PR_ALLOW_SET_HOSTNAME 0x00000001 +#define PR_ALLOW_SYSVIPC 0x00000002 +#define PR_ALLOW_RAW_SOCKETS 0x00000004 +#define PR_ALLOW_CHFLAGS 0x00000008 +#define PR_ALLOW_MOUNT 0x00000010 +#define PR_ALLOW_QUOTAS 0x00000020 +#define PR_ALLOW_SOCKET_AF 0x00000040 +#define PR_ALLOW_MOUNT_DEVFS 0x00000080 +#define PR_ALLOW_MOUNT_NULLFS 0x00000100 +#define PR_ALLOW_MOUNT_ZFS 0x00000200 +#define PR_ALLOW_MOUNT_PROCFS 0x00000400 +#define PR_ALLOW_MOUNT_TMPFS 0x00000800 +#define PR_ALLOW_MOUNT_FDESCFS 0x00001000 +#define PR_ALLOW_MOUNT_LINPROCFS 0x00002000 +#define PR_ALLOW_MOUNT_LINSYSFS 0x00004000 +#define PR_ALLOW_RESERVED_PORTS 0x00008000 +#define PR_ALLOW_KMEM_ACCESS 0x00010000 /* reserved, not used yet */ +#define PR_ALLOW_ALL 0x0001ffff /* * OSD methods