d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
148747c2b7
freebsd-skq/sys/fs
History
Ed Schouten f8f6146082 Improve nested jail awareness of devfs by handling credentials. 
Now that we start to use credentials on character devices more often
(because of MPSAFE TTY), move the prison-checks that are in place in the
TTY code into devfs.

Instead of strictly comparing the prisons, use the more common
prison_check() function to compare credentials. This means that
pseudo-terminals are only visible in devfs by processes within the same
jail and parent jails.

Even though regular users in parent jails can now interact with
pseudo-terminals from child jails, this seems to be the right approach.
These processes are also capable of interacting with the jailed
processes anyway, through signals for example.

Reviewed by:	kib, rwatson (older version)
2009-06-20 14:50:32 +00:00
..
cd9660 Update the inline version of vn_get_ino() for ".." lookups to match the 2009-06-12 21:19:57 +00:00
coda Remove the thread argument from the FSD (File-System Dependent) parts of 2009-05-11 15:33:26 +00:00
deadfs Add a simple VOP_VPTOCNP implementation for deadfs which returns EBADF. 2008-12-12 00:59:36 +00:00
devfs Improve nested jail awareness of devfs by handling credentials. 2009-06-20 14:50:32 +00:00
fdescfs Report all fdescfs vnodes as VCHR for stat(2). Fake the unique 2009-05-12 09:28:45 +00:00
fifofs s/a_fdidx/a_fp/ for VOP_OPEN comments that inline struct vop_open_args 2009-06-10 14:09:05 +00:00
hpfs Remove the thread argument from the FSD (File-System Dependent) parts of 2009-05-11 15:33:26 +00:00
msdosfs Fix r193923 by noting that type of a_fp is struct file *, not int. 2009-06-10 14:24:31 +00:00
nfs Change the size of the nfsc_groups[] array in the experimental nfs 2009-06-20 00:54:57 +00:00
nfsclient Change the size of the nfsc_groups[] array in the experimental nfs 2009-06-20 00:54:57 +00:00
nfsserver Rework the credential code to support larger values of NGROUPS and 2009-06-19 17:10:35 +00:00
ntfs Remove the thread argument from the FSD (File-System Dependent) parts of 2009-05-11 15:33:26 +00:00
nullfs Implement the bypass routine for VOP_VPTOCNP in nullfs. 2009-05-31 14:58:43 +00:00
nwfs Eliminate the unnecessary clearing of a page's dirty bits from 2009-05-23 18:25:11 +00:00
portalfs Rework the credential code to support larger values of NGROUPS and 2009-06-19 17:10:35 +00:00
procfs Add hierarchical jails. A jail may further virtualize its environment 2009-05-27 14:11:23 +00:00
pseudofs VOP_IOCTL takes unlocked vnode as an argument. Due to this, v_data may 2009-06-10 13:57:36 +00:00
smbfs Make *getpages()s' assertion on the state of each page's dirty bits 2009-05-28 18:11:09 +00:00
tmpfs Eliminate unnecessary variables. 2009-06-13 20:21:08 +00:00
udf Use #ifdef APPLE_MAC instead of #ifdef MAC to conditionalize Apple-specific 2009-06-06 07:13:57 +00:00
unionfs Rework the credential code to support larger values of NGROUPS and 2009-06-19 17:10:35 +00:00