Paths

Table of Contentst

Differential D53960

libjail: extend struct handlers to included MAC labels
ClosedPublic
Actions

Authored by kevans on Nov 27 2025, 6:38 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Thu, Jan 22, 5:10 PM

	Unknown Object (File)
	Fri, Jan 16, 5:22 PM

	Unknown Object (File)
	Fri, Jan 16, 12:25 PM

	Unknown Object (File)
	Sat, Jan 10, 6:15 PM

	Unknown Object (File)
	Thu, Jan 8, 9:36 AM

	Unknown Object (File)
	Tue, Jan 6, 2:36 AM

	Unknown Object (File)
	Wed, Dec 31, 3:02 PM

	Unknown Object (File)
	Sat, Dec 27, 7:06 AM

View All 29 Files

Subscribers

Details

Reviewers

csjp
olce
jamie

Group Reviewers

Commits

rGdb3b39f063d9: libjail: extend struct handlers to included MAC labels

Summary

MAC label handling is a little special; to avoid being too disruptive,
we allocate a mac_t * here for the value so that we can mac_prepare()
or mac_from_text() into. As a result, we need:

A custom free() handler to avoid leaking the *jp_value
A custom jailparam_get() handler to mac_prepare() the mac_t and populate the iove properly, so that the kernel doesn't have to do something funky like copyin, dereference, copyin again.
A custom jailparam_set() handler to similarly populate the iovec properly.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kevans created this revision.Nov 27 2025, 6:38 PM

Herald added a subscriber: imp. · View Herald TranscriptNov 27 2025, 6:38 PM

kevans requested review of this revision.Nov 27 2025, 6:38 PM

Harbormaster completed remote builds in B68899: Diff 167202.Nov 27 2025, 6:38 PM

kevans added a parent revision: D53959: libjail: start refactoring struct ioctl support.Nov 27 2025, 6:38 PM

jamie accepted this revision.Dec 2 2025, 4:29 AM

This revision is now accepted and ready to land.Dec 2 2025, 4:29 AM

kevans added a child revision: D54067: jail: document the mac.label parameter.Dec 4 2025, 3:50 AM

Only skimmed over it, but seems good except for one typo.

lib/libjail/jail.c
1308

kevans marked an inline comment as done.Dec 23 2025, 12:22 AM

Closed by commit rGdb3b39f063d9: libjail: extend struct handlers to included MAC labels (authored by kevans). · Explain WhyFri, Jan 16, 12:25 AM

This revision was automatically updated to reflect the committed changes.

kevans added a commit: rGdb3b39f063d9: libjail: extend struct handlers to included MAC labels.

Revision Contents
Changeset List

Path

Size

lib/

libjail/

192 lines

Diff 169824

lib/libjail/jail.c

Loading...