freebsd-skq/sys/miscfs
Robert Watson 91421ba234 o Move per-process jail pointer (p->pr_prison) to inside of the subject
credential structure, ucred (cr->cr_prison).
o Allow jail inheritence to be a function of credential inheritence.
o Abstract prison structure reference counting behind pr_hold() and
  pr_free(), invoked by the similarly named credential reference
  management functions, removing this code from per-ABI fork/exit code.
o Modify various jail() functions to use struct ucred arguments instead
  of struct proc arguments.
o Introduce jailed() function to determine if a credential is jailed,
  rather than directly checking pointers all over the place.
o Convert PRISON_CHECK() macro to prison_check() function.
o Move jail() function prototypes to jail.h.
o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the
  flag in the process flags field itself.
o Eliminate that "const" qualifier from suser/p_can/etc to reflect
  mutex use.

Notes:

o Some further cleanup of the linux/jail code is still required.
o It's now possible to consider resolving some of the process vs
  credential based permission checking confusion in the socket code.
o Mutex protection of struct prison is still not present, and is
  required to protect the reference count plus some fields in the
  structure.

Reviewed by:	freebsd-arch
Obtained from:	TrustedBSD Project
2001-02-21 06:39:57 +00:00
..
deadfs Change and clean the mutex lock interface. 2001-02-09 06:11:45 +00:00
fdesc Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
fifofs Extend kqueue down to the device layer. 2001-02-15 16:34:11 +00:00
nullfs Change and clean the mutex lock interface. 2001-02-09 06:11:45 +00:00
portal Update to reflect the disappearance of getsock(). 2000-11-25 07:16:06 +00:00
procfs o Move per-process jail pointer (p->pr_prison) to inside of the subject 2001-02-21 06:39:57 +00:00
specfs Extend kqueue down to the device layer. 2001-02-15 16:34:11 +00:00
umapfs Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
union Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00