Page MenuHomeFreeBSD
Differential D53960

libjail: extend struct handlers to included MAC labels
AcceptedPublic
Actions

Authored by kevans on Thu, Nov 27, 6:38 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Dec 11, 2:46 PM
Unknown Object (File)
Tue, Dec 9, 6:45 PM
Unknown Object (File)
Fri, Dec 5, 7:20 PM
Unknown Object (File)
Wed, Dec 3, 5:18 PM
Unknown Object (File)
Tue, Dec 2, 10:49 AM
Unknown Object (File)
Tue, Dec 2, 9:04 AM
Unknown Object (File)
Sun, Nov 30, 3:00 PM
Unknown Object (File)
Sat, Nov 29, 4:41 PM
View All 12 Files
Subscribers
imp

Details

Reviewers
csjp
olce
jamie
Group Reviewers
Jails
Summary

MAC label handling is a little special; to avoid being too disruptive,
we allocate a mac_t * here for the value so that we can mac_prepare()
or mac_from_text() into. As a result, we need:

  • A custom free() handler to avoid leaking the *jp_value
  • A custom jailparam_get() handler to mac_prepare() the mac_t and populate the iove properly, so that the kernel doesn't have to do something funky like copyin, dereference, copyin again.
  • A custom jailparam_set() handler to similarly populate the iovec properly.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 68899
Build 65782: arc lint + arc unit

Revision Contents
Changeset List

PathSize
lib/
libjail/
192 lines

Diff 167202

View Options

lib/libjail/jail.c

Loading...