freebsd-skq/sys/kern
bz d2730d5b27 MFp4:
Bring in updated jail support from bz_jail branch.

This enhances the current jail implementation to permit multiple
addresses per jail. In addtion to IPv4, IPv6 is supported as well.
Due to updated checks it is even possible to have jails without
an IP address at all, which basically gives one a chroot with
restricted process view, no networking,..

SCTP support was updated and supports IPv6 in jails as well.

Cpuset support permits jails to be bound to specific processor
sets after creation.

Jails can have an unrestricted (no duplicate protection, etc.) name
in addition to the hostname. The jail name cannot be changed from
within a jail and is considered to be used for management purposes
or as audit-token in the future.

DDB 'show jails' command was added to aid debugging.

Proper compat support permits 32bit jail binaries to be used on 64bit
systems to manage jails. Also backward compatibility was preserved where
possible: for jail v1 syscalls, as well as with user space management
utilities.

Both jail as well as prison version were updated for the new features.
A gap was intentionally left as the intermediate versions had been
used by various patches floating around the last years.

Bump __FreeBSD_version for the afore mentioned and in kernel changes.

Special thanks to:
- Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches
  and Olivier Houchard (cognet) for initial single-IPv6 patches.
- Jeff Roberson (jeff) and Randall Stewart (rrs) for their
  help, ideas and review on cpuset and SCTP support.
- Robert Watson (rwatson) for lots and lots of help, discussions,
  suggestions and review of most of the patch at various stages.
- John Baldwin (jhb) for his help.
- Simon L. Nielsen (simon) as early adopter testing changes
  on cluster machines as well as all the testers and people
  who provided feedback the last months on freebsd-jail and
  other channels.
- My employer, CK Software GmbH, for the support so I could work on this.

Reviewed by:	(see above)
MFC after:	3 months (this is just so that I get the mail)
X-MFC Before:   7.2-RELEASE if possible
2008-11-29 14:32:14 +00:00
..
bus_if.m Allow device hints to wire the unit numbers of devices. 2008-11-18 21:01:54 +00:00
clock_if.m
cpufreq_if.m
device_if.m
genassym.sh refactor code so it can run in a chroot without having to have /dev/mounted 2008-01-18 17:02:14 +00:00
imgact_aout.c Add sv_flags field to struct sysentvec with intention to provide description 2008-11-22 12:36:15 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c If the ABI-overriden interpreter was not loaded, do not set 2008-10-08 11:11:36 +00:00
imgact_gzip.c VOP_LOCK1() (and so VOP_LOCK()) and VOP_UNLOCK() are only used in 2008-01-13 14:44:15 +00:00
imgact_shell.c Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed thread 2008-08-28 15:23:18 +00:00
inflate.c
init_main.c Rename three MAC entry points from _proc_ to _cred_ to reflect the fact 2008-10-28 11:33:06 +00:00
init_sysent.c Regenerate system call tables for r184789. 2008-11-09 10:48:06 +00:00
kern_acct.c Properly lock proctree_lock before locking the process while accounting. 2008-08-21 15:02:17 +00:00
kern_alq.c Use msleep_spin() instead of unlock/tsleep/lock. This was 2008-07-02 20:44:33 +00:00
kern_clock.c Implement per-cpu callout threads, wheels, and locks. 2008-04-02 11:20:30 +00:00
kern_condvar.c - Don't do a WITNESS_SAVE() on the interlock if it is Giant in the condition 2008-09-25 13:42:19 +00:00
kern_conf.c Explicitely note that destroy_dev() sleeps. 2008-11-27 16:47:25 +00:00
kern_cons.c Reimplement the /dev/console device node. 2008-11-01 08:35:28 +00:00
kern_context.c Further system call comment cleanup: 2007-03-05 13:10:58 +00:00
kern_cpu.c Fix a few edge cases with error handling in cpufreq(4)'s CPUFREQ_GET() 2008-05-05 19:13:52 +00:00
kern_cpuset.c MFp4: 2008-11-29 14:32:14 +00:00
kern_ctf.c Add the CTF source file which gets shared with link_elf.c and link_elf_obj.c. 2008-05-23 03:04:27 +00:00
kern_descrip.c Remove unnecessary locking around vn_fullpath(). The vnode lock for the 2008-11-04 19:04:01 +00:00
kern_dtrace.c Remove code that isn't required. It actually breaks the case where KDTRACE_HOOKS 2008-06-16 04:44:29 +00:00
kern_environment.c Implement the following macros for completeness: 2008-07-21 15:05:25 +00:00
kern_event.c Fix a number of style issues in the MALLOC / FREE commit. I've tried to 2008-10-23 20:26:15 +00:00
kern_exec.c Merge latest DTrace changes from Perforce. 2008-11-05 19:40:36 +00:00
kern_exit.c MFp4: 2008-11-29 14:32:14 +00:00
kern_fork.c MFp4: 2008-11-29 14:32:14 +00:00
kern_idle.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
kern_intr.c style(9) 2008-09-23 14:25:56 +00:00
kern_jail.c MFp4: 2008-11-29 14:32:14 +00:00
kern_kthread.c Kill a dead variable 2008-08-03 21:07:19 +00:00
kern_ktr.c
kern_ktrace.c This patch adds a new ktrace(2) record type, KTR_STRUCT, whose payload 2008-02-23 01:01:49 +00:00
kern_linker.c Fix a number of style issues in the MALLOC / FREE commit. I've tried to 2008-10-23 20:26:15 +00:00
kern_lock.c Teach WITNESS about the interlocks used with lockmgr. This removes a bunch 2008-09-10 19:13:30 +00:00
kern_lockf.c Remove unused variable. 2008-11-27 04:40:37 +00:00
kern_malloc.c Enable the creation of a kmem map larger than 4GB. 2008-07-05 19:34:33 +00:00
kern_mbuf.c make kern.ipc.nmbclusters actually have a useful effect on nmbclusters et al. 2008-11-09 01:53:06 +00:00
kern_mib.c Step 1.5 of importing the network stack virtualization infrastructure 2008-10-02 15:37:58 +00:00
kern_module.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
kern_mtxpool.c Fix a number of style issues in the MALLOC / FREE commit. I've tried to 2008-10-23 20:26:15 +00:00
kern_mutex.c Teach WITNESS about the interlocks used with lockmgr. This removes a bunch 2008-09-10 19:13:30 +00:00
kern_ntptime.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
kern_osd.c Update ZFS from version 6 to 13 and bring some FreeBSD-specific changes. 2008-11-17 20:49:29 +00:00
kern_physio.c
kern_pmc.c Support sparsely numbered CPUs. 2008-09-22 10:37:02 +00:00
kern_poll.c Merge more of currently non-functional (i.e. resolving to 2008-11-26 22:32:07 +00:00
kern_priv.c Remove the suser(9) interface from the kernel. It has been replaced from 2008-09-17 15:49:44 +00:00
kern_proc.c Update ZFS from version 6 to 13 and bring some FreeBSD-specific changes. 2008-11-17 20:49:29 +00:00
kern_prot.c Retire the MALLOC and FREE macros. They are an abomination unto style(9). 2008-10-23 15:53:51 +00:00
kern_resource.c Don't rearm callout if the process is exiting, it may leak a callout 2008-10-24 01:09:24 +00:00
kern_rmlock.c Teach WITNESS about the interlocks used with lockmgr. This removes a bunch 2008-09-10 19:13:30 +00:00
kern_rwlock.c Teach WITNESS about the interlocks used with lockmgr. This removes a bunch 2008-09-10 19:13:30 +00:00
kern_sdt.c Add kernel support for the Statically Defined Trace provider. 2008-05-18 19:32:36 +00:00
kern_sema.c
kern_shutdown.c It's possible that the dump device has gone away after it was 2008-11-23 21:05:22 +00:00
kern_sig.c Revert rev 184216 and 184199, due to the way the thread_lock works, 2008-11-05 03:01:23 +00:00
kern_subr.c Make ureadc() warn when holding any locks, just like uiomove(). 2008-08-28 19:34:58 +00:00
kern_switch.c fix typo in runz_fuzz 2008-05-12 06:42:06 +00:00
kern_sx.c Teach WITNESS about the interlocks used with lockmgr. This removes a bunch 2008-09-10 19:13:30 +00:00
kern_synch.c - Forward port flush of page table updates on context switch or userret 2008-10-19 01:35:27 +00:00
kern_syscalls.c Various style fixes. 7 space indent is just odd. 2008-09-18 20:10:11 +00:00
kern_sysctl.c Merge more of currently non-functional (i.e. resolving to 2008-11-26 22:32:07 +00:00
kern_tc.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
kern_thr.c Add sv_flags field to struct sysentvec with intention to provide description 2008-11-22 12:36:15 +00:00
kern_thread.c Update ZFS from version 6 to 13 and bring some FreeBSD-specific changes. 2008-11-17 20:49:29 +00:00
kern_time.c In realtimer_delete(), clear timer's value and interval to tell 2008-10-20 02:37:53 +00:00
kern_timeout.c After a machine has been up for a bit more than 20 days with HZ=1000, 2008-10-28 03:26:25 +00:00
kern_umtx.c Add two commands to _umtx_op system call to allow a simple mutex to be 2008-06-24 07:32:12 +00:00
kern_uuid.c Step 1.5 of importing the network stack virtualization infrastructure 2008-10-02 15:37:58 +00:00
kern_xxx.c Mark uname(), getdomainname() and setdomainname() with COMPAT_FREEBSD4. 2008-11-09 10:45:13 +00:00
ksched.c Commit 14/14 of sched_lock decomposition. 2007-06-05 00:00:57 +00:00
link_elf_obj.c Calling linker_load_dependencies() while holding the module' 2008-08-03 13:33:45 +00:00
link_elf.c Calling linker_load_dependencies() while holding the module' 2008-08-03 13:33:45 +00:00
linker_if.m Add the ctf_get method. 2008-05-23 04:06:49 +00:00
Make.tags.inc Remove netatm from HEAD as it is not MPSAFE and relies on the now removed 2008-05-25 22:11:40 +00:00
Makefile style.Makefile(5) 2007-12-14 21:30:51 +00:00
makesyscalls.sh Tidy up a few things with syscall generation: 2008-09-25 20:07:42 +00:00
md4c.c
md5c.c
p1003_1b.c Remove kernel support for M:N threading. 2008-03-12 10:12:01 +00:00
posix4_mib.c Fix mispatch of includes list; allows my kernel to build successfully. 2006-11-12 03:34:03 +00:00
sched_4bsd.c When choosing a CPU for a thread in a cpuset, prefer the last CPU that the 2008-07-28 20:39:21 +00:00
sched_ule.c When checking to see if another CPU is running its idle thread, examine 2008-11-18 05:41:34 +00:00
serdev_if.m
stack_protector.c Fix a chicken-and-egg problem: this files implements SSP support, 2008-06-26 07:52:45 +00:00
subr_acl_posix1e.c Rename a variable missed in previous accmode_t-related commits. 2008-10-28 21:58:48 +00:00
subr_autoconf.c If run_interrupt_driven_config_hooks() waits 360 seconds and INVARIANTS 2008-07-21 20:50:49 +00:00
subr_blist.c Retire the MALLOC and FREE macros. They are an abomination unto style(9). 2008-10-23 15:53:51 +00:00
subr_bufring.c - bump __FreeBSD version to reflect added buf_ring, memory barriers, 2008-11-22 05:55:56 +00:00
subr_bus.c Allow device hints to wire the unit numbers of devices. 2008-11-18 21:01:54 +00:00
subr_clist.c Now that the number of clist consumers have dropped massively, trim down 2008-09-21 18:12:18 +00:00
subr_clock.c Now that all platforms use genclock, shuffle things around slightly 2008-04-22 19:38:30 +00:00
subr_devstat.c
subr_disk.c Add a new I/O request - BIO_FLUSH, which basically tells providers below to 2006-10-31 21:11:21 +00:00
subr_eventhandler.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
subr_fattime.c Better naming of fattime conversion functions, they do convert to timespec 2006-10-24 10:27:23 +00:00
subr_firmware.c Avoid scheduling firmware taskqs when cold. 2008-11-11 12:25:08 +00:00
subr_hints.c
subr_kdb.c Expand kdb_alt_break a little, most commonly used with the option 2008-05-04 23:29:38 +00:00
subr_kobj.c
subr_lock.c - track maximum wait time 2008-07-27 21:45:20 +00:00
subr_log.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
subr_mbpool.c Add parens around *free in *free++ in mbp_count() so that mbp_count() 2007-05-27 17:38:36 +00:00
subr_mchain.c Replaced the misleading uses of a historical artefact M_TRYWAIT with M_WAIT. 2008-03-25 09:39:02 +00:00
subr_module.c
subr_msgbuf.c
subr_param.c vm_pnames should be "const char *const[]". 2008-10-27 08:09:05 +00:00
subr_pcpu.c Make ddb command registration dynamic so modules can extend 2008-09-15 22:45:14 +00:00
subr_power.c
subr_prf.c Obey signedness flag in %z case. 2008-11-17 23:57:40 +00:00
subr_prof.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
subr_rman.c Trivially avoid a null pointer dereference when drivers 2008-10-22 18:20:45 +00:00
subr_rtc.c Now that all platforms use genclock, shuffle things around slightly 2008-04-22 19:38:30 +00:00
subr_sbuf.c Switch to simplified BSD license (with phk's approval), plus whitespace 2008-08-09 10:26:21 +00:00
subr_scanf.c
subr_sleepqueue.c Revert rev 184216 and 184199, due to the way the thread_lock works, 2008-11-05 03:01:23 +00:00
subr_smp.c Adjust the license statement to more closely match a standard 3-clause BSD 2008-11-03 21:17:02 +00:00
subr_stack.c Make it possible to compile kernel with KTR but without DDB. 2008-10-30 21:48:28 +00:00
subr_taskqueue.c revert local change 2008-07-18 07:10:33 +00:00
subr_trap.c - Forward port flush of page table updates on context switch or userret 2008-10-19 01:35:27 +00:00
subr_turnstile.c Make ddb command registration dynamic so modules can extend 2008-09-15 22:45:14 +00:00
subr_unit.c Since cdev mutex is after system map mutex in global lock order, free() 2007-07-04 06:56:58 +00:00
subr_witness.c Fix a number of style issues in the MALLOC / FREE commit. I've tried to 2008-10-23 20:26:15 +00:00
sys_generic.c Reverse if() logic to improve readability. 2008-09-23 14:25:38 +00:00
sys_pipe.c Several cleanups related to pipe(2). 2008-11-11 14:55:59 +00:00
sys_process.c Revert rev 184216 and 184199, due to the way the thread_lock works, 2008-11-05 03:01:23 +00:00
sys_socket.c Lock receive socket buffer in soo_stat() rather than commenting that we 2008-10-07 07:10:28 +00:00
syscalls.c Regenerate system call tables for r184789. 2008-11-09 10:48:06 +00:00
syscalls.master Mark uname(), getdomainname() and setdomainname() with COMPAT_FREEBSD4. 2008-11-09 10:45:13 +00:00
systrace_args.c Regenerate system call tables for r184789. 2008-11-09 10:48:06 +00:00
sysv_ipc.c Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); in 2007-06-12 00:12:01 +00:00
sysv_msg.c Merge first in a series of TrustedBSD MAC Framework KPI changes 2007-10-24 19:04:04 +00:00
sysv_sem.c Renew semaphore's pointer after wakeup since during msleep 2008-06-19 18:08:42 +00:00
sysv_shm.c Make sure we restrict Linux only IPC calls from being executed 2008-02-12 20:55:03 +00:00
tty_compat.c Fix an awful bug inside our COMPAT_43TTY code. 2008-09-04 16:30:53 +00:00
tty_info.c Integrate the new MPSAFE TTY layer to the FreeBSD operating system. 2008-08-20 08:31:58 +00:00
tty_inq.c Fix some edge cases in the TTY queues: 2008-08-30 09:18:27 +00:00
tty_outq.c Fix some edge cases in the TTY queues: 2008-08-30 09:18:27 +00:00
tty_pts.c Remove redundant return value tests. 2008-11-04 10:58:02 +00:00
tty_pty.c Allow the user to suppress the rate-limited pty(4) warning. 2008-08-23 16:03:00 +00:00
tty_tty.c Remove unneeded Giant locking of /dev/tty. 2008-06-03 12:38:00 +00:00
tty_ttydisc.c Don't forget to relock the TTY after uiomove() returns an error. 2008-11-12 09:04:44 +00:00
tty.c Reduce the default baud rate of PTY's to 9600. 2008-11-08 20:40:39 +00:00
uipc_accf.c Retire the MALLOC and FREE macros. They are an abomination unto style(9). 2008-10-23 15:53:51 +00:00
uipc_cow.c Give MEXTADD() another argument to make both void pointers to the 2008-02-01 19:36:27 +00:00
uipc_debug.c Change a variable name to not shadow a global 2008-07-03 08:35:59 +00:00
uipc_domain.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
uipc_mbuf2.c Merge first in a series of TrustedBSD MAC Framework KPI changes 2007-10-24 19:04:04 +00:00
uipc_mbuf.c Remove the alignment of the align parameter. This is up to the caller to pass 2008-09-05 04:05:31 +00:00
uipc_mqueue.c Fix matching of message queues by name. 2008-11-28 14:53:18 +00:00
uipc_sem.c Rework the lifetime management of the kernel implementation of POSIX 2008-06-27 05:39:04 +00:00
uipc_shm.c Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary 2008-10-28 13:44:11 +00:00
uipc_sockbuf.c Rewrite sbreserve_locked()'s comment on NULL thread pointers, eliminating 2008-10-07 09:51:39 +00:00
uipc_socket.c MFp4: 2008-11-29 14:32:14 +00:00
uipc_syscalls.c Retire the MALLOC and FREE macros. They are an abomination unto style(9). 2008-10-23 15:53:51 +00:00
uipc_usrreq.c Retire the MALLOC and FREE macros. They are an abomination unto style(9). 2008-10-23 15:53:51 +00:00
vfs_acl.c Add the support for the AT_FDCWD and fd-relative name lookups to the 2008-03-31 12:01:21 +00:00
vfs_aio.c Use minimum of max_aio_procs and target_aio_procs when spawning new 2008-06-21 11:34:34 +00:00
vfs_bio.c Remove the struct thread unuseful argument from bufobj interface. 2008-10-10 21:23:50 +00:00
vfs_cache.c Move vn_fullpath1() outside of FILEDESC locking. This is being done in 2008-11-25 15:36:15 +00:00
vfs_cluster.c - Complete part of the unfinished bufobj work by consistently using 2008-03-22 09:15:16 +00:00
vfs_default.c Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed thread 2008-08-28 15:23:18 +00:00
vfs_export.c Correct typo in comment: thier -> their 2008-11-24 19:28:52 +00:00
vfs_extattr.c Add the support for the AT_FDCWD and fd-relative name lookups to the 2008-03-31 12:01:21 +00:00
vfs_hash.c In keeping with style(9)'s recommendations on macros, use a ';' 2008-03-16 10:58:09 +00:00
vfs_init.c Remove VFS_VPTOFH entirely. API is already broken and it is good time to 2007-02-16 17:32:41 +00:00
vfs_lookup.c Update ZFS from version 6 to 13 and bring some FreeBSD-specific changes. 2008-11-17 20:49:29 +00:00
vfs_mount.c Remove the mnt_holdcnt and mnt_holdcntwaiters because they are useless. 2008-11-03 20:00:35 +00:00
vfs_subr.c In the nfsrv_fhtovp(), after the vfs_getvfs() function found the pointer 2008-11-29 13:34:59 +00:00
vfs_syscalls.c In the nfsrv_fhtovp(), after the vfs_getvfs() function found the pointer 2008-11-29 13:34:59 +00:00
vfs_vnops.c Improve KASSERT() call a bit: 2008-11-29 12:40:14 +00:00
vnode_if.src Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary 2008-10-28 13:44:11 +00:00