5a59cefcd1
jail, which is less restrictive but allows for more flexible jail usage (for those who are willing to make the sacrifice). The default is off, but allowing raw sockets within jails can now be accomplished by tuning security.jail.allow_raw_sockets to 1. Turning this on will allow you to use things like ping(8) or traceroute(8) from within a jail. The patch being committed is not identical to the patch in the PR. The committed version is more friendly to APIs which pjd is working on, so it should integrate into his work quite nicely. This change has also been presented and addressed on the freebsd-hackers mailing list. Submitted by: Christian S.J. Peron <maneo@bsdpro.com> PR: kern/65800
/*
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <phk@FreeBSD.org> wrote this file. As long as you retain this notice you
 * can do whatever you want with this stuff. If we meet some day, and you think
 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 *
 * $FreeBSD$
 *
 */

#ifndef _SYS_JAIL_H_
#define _SYS_JAIL_H_
/*
 * Userland argument block for the jail(2) system call (see the
 * `int jail(struct jail *)` prototype below).  The caller fills it in and
 * passes a pointer; path and hostname point into the caller's address space,
 * so the kernel has to copy the strings in.  NOTE(review): the string lengths
 * are presumably bounded by MAXPATHLEN / MAXHOSTNAMELEN, the sizes of the
 * matching struct prison arrays — confirm in the jail(2) implementation.
 */
struct jail {
	u_int32_t	version;	/* ABI version of this block; accepted values are defined by jail(2), not here */
	char		*path;		/* NUL-terminated root directory (presumably ends up in prison.pr_path) */
	char		*hostname;	/* NUL-terminated hostname (presumably ends up in prison.pr_host) */
	u_int32_t	ip_number;	/* single IPv4 address for the jail (presumably ends up in prison.pr_ip) */
};
/*
 * Fixed-size, pointer-free view of a prison.  Field names mirror struct
 * prison but use inline character arrays, which makes the record safe to hand
 * to userland as a flat copy (presumably its purpose — confirm against the
 * producer).  pr_version is presumably set to XPRISON_VERSION so consumers can
 * detect layout changes.
 */
struct xprison {
	int		pr_version;			/* layout version of this record */
	int		pr_id;				/* prison id (cf. prison.pr_id) */
	char		pr_path[MAXPATHLEN];		/* chroot path (cf. prison.pr_path) */
	char		pr_host[MAXHOSTNAMELEN];	/* jail hostname (cf. prison.pr_host) */
	u_int32_t	pr_ip;				/* IPv4 address (cf. prison.pr_ip) */
};
/* Current layout version of struct xprison (presumably the value placed in its pr_version field). */
#define XPRISON_VERSION 1

#ifndef _KERNEL
/*
 * Userland entry points.
 *
 * jail():        create a jail described by the struct jail argument and put
 *                the calling process in it (presumably; see jail(2) for the
 *                return convention — confirm).
 * jail_attach(): attach the calling process to an existing jail, selected by
 *                id (presumably; return convention per jail_attach(2)).
 */
int jail(struct jail *);
int jail_attach(int);

#else /* _KERNEL */
#include <sys/queue.h>
#include <sys/_lock.h>
#include <sys/_mutex.h>
#include <sys/_task.h>
/* Upper bound on prison ids (name suggests; confirm how the id allocator uses it). */
#define JAIL_MAX 999999

/*
 * Malloc type used for prison allocations.  Guarded so this header does not
 * itself require <sys/malloc.h>; the declaration only appears when that
 * header (which provides MALLOC_DECLARE) has already been included.
 */
#ifdef MALLOC_DECLARE
MALLOC_DECLARE(M_PRISON);
#endif

/*
 * This structure describes a prison. It is pointed to by all struct
 * ucreds of the inmates. pr_ref keeps track of them and is used to
 * delete the structure when the last inmate is dead.
 *
 * Lock key:
 * (a) allprison_mutex
 * (p) locked by pr_mtx
 * (c) set only during creation before the structure is shared, no mutex
 *     required to read
 * (d) set only during destruction of jail, no mutex needed
 */
struct prison {
	LIST_ENTRY(prison) pr_list;			/* (a) all prisons */
	int		pr_id;				/* (c) prison id */
	int		pr_ref;				/* (p) refcount */
	char		pr_path[MAXPATHLEN];		/* (c) chroot path */
	struct vnode	*pr_root;			/* (c) vnode to rdir */
	char		pr_host[MAXHOSTNAMELEN];	/* (p) jail hostname */
	u_int32_t	pr_ip;				/* (c) ip addr host */
	void		*pr_linux;			/* (p) linux abi */
	int		pr_securelevel;			/* (p) securelevel; per-jail, presumably combined with the global level by the securelevel checks — confirm */
	struct task	pr_task;			/* (d) destroy task */
	struct mtx	pr_mtx;				/* lock for the (p) fields above */
};
/*
 * Sysctl-set variables that determine global jail policy.
 *
 * XXX MIB entries will need to be protected by a mutex.
 */
/*
 * Each of these is a boolean policy knob read by the jail code; the names
 * describe the permission they grant (confirm exact semantics in kern_jail.c).
 * Loosening any of them widens what a jailed process can do.
 */
extern int	jail_set_hostname_allowed;	/* may the jail's hostname be changed from inside? */
extern int	jail_socket_unixiproute_only;	/* restrict jailed sockets to the unix/inet/route domains? (name suggests) */
extern int	jail_sysvipc_allowed;		/* may jailed processes use System V IPC? */
extern int	jail_getfsstat_jailrootonly;	/* does getfsstat(2) in a jail report only the jail's root filesystem? (name suggests) */
extern int	jail_allow_raw_sockets;		/* may jailed processes open raw sockets, e.g. for ping(8)/traceroute(8)?
						 * Tunable security.jail.allow_raw_sockets; default off. Enabling it makes
						 * the jail less restrictive. */

LIST_HEAD(prisonlist, prison);		/* list head type; entries are linked through prison.pr_list */
extern struct prisonlist allprison;	/* (a) every prison in the system, protected by allprison_mutex */

/*
 * Kernel support functions for jail().
 */
struct ucred;
struct mount;
struct sockaddr;
/* Non-zero if cred belongs to a prison (name suggests; confirm return convention). */
int jailed(struct ucred *cred);
/* Copy the hostname cred should see into the caller's buffer of the given size
 * (presumably pr_host when jailed, the system hostname otherwise — confirm). */
void getcredhostname(struct ucred *cred, char *, size_t);
/* Jail visibility/permission check between two credentials; return convention not documented here. */
int prison_check(struct ucred *cred1, struct ucred *cred2);
/* Jail check for cred against mount point mp (presumably backs the getfsstat_jailrootonly policy — confirm). */
int prison_check_mount(struct ucred *cred, struct mount *mp);
/* Drop a reference on pr (pr_ref); dropping the last one presumably schedules pr_task to destroy it — confirm. */
void prison_free(struct prison *pr);
/* IPv4 address of cred's prison (presumably pr_ip; behaviour for an unjailed cred not documented here). */
u_int32_t prison_getip(struct ucred *cred);
/* Take a reference on pr (pr_ref). */
void prison_hold(struct prison *pr);
/* Check whether the address in sa is usable by cred under jail rules (name suggests; confirm). */
int prison_if(struct ucred *cred, struct sockaddr *sa);
/* Check or rewrite the IPv4 address *ip for cred; flag values are defined by the implementation. */
int prison_ip(struct ucred *cred, int flag, u_int32_t *ip);
/* Remote-address counterpart of prison_ip(); note the parameter is spelled `flags` here but `flag` above. */
void prison_remote_ip(struct ucred *cred, int flags, u_int32_t *ip);

#endif /* !_KERNEL */
#endif /* !_SYS_JAIL_H_ */