sys/sys/jail.h
Show First 20 Lines • Show All 160 Lines • ▼ Show 20 Lines | struct prison { | ||||
LIST_HEAD(, prison) pr_children; /* (a) list of child jails */ | LIST_HEAD(, prison) pr_children; /* (a) list of child jails */ | ||||
LIST_ENTRY(prison) pr_sibling; /* (a) next in parent's list */ | LIST_ENTRY(prison) pr_sibling; /* (a) next in parent's list */ | ||||
struct prison *pr_parent; /* (c) containing jail */ | struct prison *pr_parent; /* (c) containing jail */ | ||||
struct mtx pr_mtx; | struct mtx pr_mtx; | ||||
struct task pr_task; /* (c) destroy task */ | struct task pr_task; /* (c) destroy task */ | ||||
struct osd pr_osd; /* (p) additional data */ | struct osd pr_osd; /* (p) additional data */ | ||||
struct cpuset *pr_cpuset; /* (p) cpuset */ | struct cpuset *pr_cpuset; /* (p) cpuset */ | ||||
struct vnet *pr_vnet; /* (c) network stack */ | struct vnet *pr_vnet; /* (c) network stack */ | ||||
struct vps *pr_vps; /* (c) process space */ | |||||
struct vnode *pr_root; /* (c) vnode to rdir */ | struct vnode *pr_root; /* (c) vnode to rdir */ | ||||
int pr_ip4s; /* (p) number of v4 IPs */ | int pr_ip4s; /* (p) number of v4 IPs */ | ||||
int pr_ip6s; /* (p) number of v6 IPs */ | int pr_ip6s; /* (p) number of v6 IPs */ | ||||
struct in_addr *pr_ip4; /* (p) v4 IPs of jail */ | struct in_addr *pr_ip4; /* (p) v4 IPs of jail */ | ||||
struct in6_addr *pr_ip6; /* (p) v6 IPs of jail */ | struct in6_addr *pr_ip6; /* (p) v6 IPs of jail */ | ||||
struct prison_racct *pr_prison_racct; /* (c) racct jail proxy */ | struct prison_racct *pr_prison_racct; /* (c) racct jail proxy */ | ||||
void *pr_sparep[3]; | void *pr_sparep[3]; | ||||
int pr_childcount; /* (a) number of child jails */ | int pr_childcount; /* (a) number of child jails */ | ||||
Show All 27 Lines | |||||
#define PR_HOST 0x00000002 /* Virtualize hostname et al */ | #define PR_HOST 0x00000002 /* Virtualize hostname et al */ | ||||
#define PR_IP4_USER 0x00000004 /* Restrict IPv4 addresses */ | #define PR_IP4_USER 0x00000004 /* Restrict IPv4 addresses */ | ||||
#define PR_IP6_USER 0x00000008 /* Restrict IPv6 addresses */ | #define PR_IP6_USER 0x00000008 /* Restrict IPv6 addresses */ | ||||
#define PR_VNET 0x00000010 /* Virtual network stack */ | #define PR_VNET 0x00000010 /* Virtual network stack */ | ||||
#define PR_IP4_SADDRSEL 0x00000080 /* Do IPv4 src addr sel. or use the */ | #define PR_IP4_SADDRSEL 0x00000080 /* Do IPv4 src addr sel. or use the */ | ||||
/* primary jail address. */ | /* primary jail address. */ | ||||
#define PR_IP6_SADDRSEL 0x00000100 /* Do IPv6 src addr sel. or use the */ | #define PR_IP6_SADDRSEL 0x00000100 /* Do IPv6 src addr sel. or use the */ | ||||
/* primary jail address. */ | /* primary jail address. */ | ||||
#define PR_VPS 0x00000200 /* Virtual process space */ | |||||
/* Internal flag bits */ | /* Internal flag bits */ | ||||
#define PR_IP4 0x02000000 /* IPv4 restricted or disabled */ | #define PR_IP4 0x02000000 /* IPv4 restricted or disabled */ | ||||
/* by this jail or an ancestor */ | /* by this jail or an ancestor */ | ||||
#define PR_IP6 0x04000000 /* IPv6 restricted or disabled */ | #define PR_IP6 0x04000000 /* IPv6 restricted or disabled */ | ||||
/* by this jail or an ancestor */ | /* by this jail or an ancestor */ | ||||
/* | /* | ||||
▲ Show 20 Lines • Show All 145 Lines • ▼ Show 20 Lines | |||||
void getcredhostname(struct ucred *, char *, size_t); | void getcredhostname(struct ucred *, char *, size_t); | ||||
void getcreddomainname(struct ucred *, char *, size_t); | void getcreddomainname(struct ucred *, char *, size_t); | ||||
void getcredhostuuid(struct ucred *, char *, size_t); | void getcredhostuuid(struct ucred *, char *, size_t); | ||||
void getcredhostid(struct ucred *, unsigned long *); | void getcredhostid(struct ucred *, unsigned long *); | ||||
void prison0_init(void); | void prison0_init(void); | ||||
int prison_allow(struct ucred *, unsigned); | int prison_allow(struct ucred *, unsigned); | ||||
int prison_check(struct ucred *cred1, struct ucred *cred2); | int prison_check(struct ucred *cred1, struct ucred *cred2); | ||||
int prison_owns_vnet(struct ucred *); | int prison_owns_vnet(struct ucred *); | ||||
int prison_owns_vps(struct ucred *); | |||||
int prison_canseemount(struct ucred *cred, struct mount *mp); | int prison_canseemount(struct ucred *cred, struct mount *mp); | ||||
void prison_enforce_statfs(struct ucred *cred, struct mount *mp, | void prison_enforce_statfs(struct ucred *cred, struct mount *mp, | ||||
struct statfs *sp); | struct statfs *sp); | ||||
struct prison *prison_find(int prid); | struct prison *prison_find(int prid); | ||||
struct prison *prison_find_child(struct prison *, int); | struct prison *prison_find_child(struct prison *, int); | ||||
struct prison *prison_find_name(struct prison *, const char *); | struct prison *prison_find_name(struct prison *, const char *); | ||||
int prison_flag(struct ucred *, unsigned); | int prison_flag(struct ucred *, unsigned); | ||||
void prison_free(struct prison *pr); | void prison_free(struct prison *pr); | ||||
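Review bot: The `pr_vps` member of `struct prison` appears on only one side of this view, between `pr_vnet` and `pr_root`, so whichever direction the change runs it shifts the offset of every later member (`pr_root`, `pr_ip4s`, `pr_ip6s`, `pr_ip4`, `pr_ip6`, `pr_prison_racct`). Code built against the other layout would read the jail's root vnode and address lists at the wrong offsets, so if this header is consumed outside the same kernel build the change likely needs a `__FreeBSD_version` bump, or the pointer could occupy one of the existing `pr_sparep[3]` slots so the layout stays fixed. The `PR_VPS` flag (`0x00000200`) and the `prison_owns_vps()` prototype are one-sided in the same way, so every user of the flag bit and of that ownership check has to change in the same commit; those callers are outside this section and cannot be confirmed from here.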