Changeset View
Changeset View
Standalone View
Standalone View
sys/sys/jail.h
Show First 20 Lines • Show All 396 Lines • ▼ Show 20 Lines | |||||
struct mount; | struct mount; | ||||
struct sockaddr; | struct sockaddr; | ||||
struct statfs; | struct statfs; | ||||
struct vfsconf; | struct vfsconf; | ||||
/* | /* | ||||
* Return 1 if the passed credential is in a jail, otherwise 0. | * Return 1 if the passed credential is in a jail, otherwise 0. | ||||
*/ | */ | ||||
#define jailed(cred) (cred->cr_prison != &prison0) | #define jailed(cred) (cred->cr_prison != &prison0) | ||||
freebsd_igalic.co: we could make this into a bool macro, too | |||||
Done Inline ActionsNo need - that's a clearly boolean expression. jamie: No need - that's a clearly boolean expression. | |||||
int jailed_without_vnet(struct ucred *); | bool jailed_without_vnet(struct ucred *); | ||||
void getcredhostname(struct ucred *, char *, size_t); | void getcredhostname(struct ucred *, char *, size_t); | ||||
void getcreddomainname(struct ucred *, char *, size_t); | void getcreddomainname(struct ucred *, char *, size_t); | ||||
void getcredhostuuid(struct ucred *, char *, size_t); | void getcredhostuuid(struct ucred *, char *, size_t); | ||||
void getcredhostid(struct ucred *, unsigned long *); | void getcredhostid(struct ucred *, unsigned long *); | ||||
void getjailname(struct ucred *cred, char *name, size_t len); | void getjailname(struct ucred *cred, char *name, size_t len); | ||||
void prison0_init(void); | void prison0_init(void); | ||||
int prison_allow(struct ucred *, unsigned); | bool prison_allow(struct ucred *, unsigned); | ||||
int prison_check(struct ucred *cred1, struct ucred *cred2); | int prison_check(struct ucred *cred1, struct ucred *cred2); | ||||
int prison_owns_vnet(struct ucred *); | bool prison_owns_vnet(struct ucred *); | ||||
int prison_canseemount(struct ucred *cred, struct mount *mp); | int prison_canseemount(struct ucred *cred, struct mount *mp); | ||||
void prison_enforce_statfs(struct ucred *cred, struct mount *mp, | void prison_enforce_statfs(struct ucred *cred, struct mount *mp, | ||||
struct statfs *sp); | struct statfs *sp); | ||||
struct prison *prison_find(int prid); | struct prison *prison_find(int prid); | ||||
struct prison *prison_find_child(struct prison *, int); | struct prison *prison_find_child(struct prison *, int); | ||||
struct prison *prison_find_name(struct prison *, const char *); | struct prison *prison_find_name(struct prison *, const char *); | ||||
int prison_flag(struct ucred *, unsigned); | bool prison_flag(struct ucred *, unsigned); | ||||
void prison_free(struct prison *pr); | void prison_free(struct prison *pr); | ||||
void prison_free_locked(struct prison *pr); | void prison_free_locked(struct prison *pr); | ||||
void prison_hold(struct prison *pr); | void prison_hold(struct prison *pr); | ||||
void prison_hold_locked(struct prison *pr); | void prison_hold_locked(struct prison *pr); | ||||
void prison_proc_hold(struct prison *); | void prison_proc_hold(struct prison *); | ||||
void prison_proc_free(struct prison *); | void prison_proc_free(struct prison *); | ||||
void prison_set_allow(struct ucred *cred, unsigned flag, int enable); | void prison_set_allow(struct ucred *cred, unsigned flag, int enable); | ||||
int prison_ischild(struct prison *, struct prison *); | bool prison_ischild(struct prison *, struct prison *); | ||||
bool prison_isalive(struct prison *); | bool prison_isalive(struct prison *); | ||||
bool prison_isvalid(struct prison *); | bool prison_isvalid(struct prison *); | ||||
int prison_equal_ip4(struct prison *, struct prison *); | bool prison_equal_ip4(struct prison *, struct prison *); | ||||
int prison_get_ip4(struct ucred *cred, struct in_addr *ia); | int prison_get_ip4(struct ucred *cred, struct in_addr *ia); | ||||
int prison_local_ip4(struct ucred *cred, struct in_addr *ia); | int prison_local_ip4(struct ucred *cred, struct in_addr *ia); | ||||
int prison_remote_ip4(struct ucred *cred, struct in_addr *ia); | int prison_remote_ip4(struct ucred *cred, struct in_addr *ia); | ||||
int prison_check_ip4(const struct ucred *, const struct in_addr *); | int prison_check_ip4(const struct ucred *, const struct in_addr *); | ||||
int prison_check_ip4_locked(const struct prison *, const struct in_addr *); | int prison_check_ip4_locked(const struct prison *, const struct in_addr *); | ||||
int prison_saddrsel_ip4(struct ucred *, struct in_addr *); | bool prison_saddrsel_ip4(struct ucred *, struct in_addr *); | ||||
int prison_restrict_ip4(struct prison *, struct in_addr *); | bool prison_restrict_ip4(struct prison *, struct in_addr *); | ||||
int prison_qcmp_v4(const void *, const void *); | int prison_qcmp_v4(const void *, const void *); | ||||
#ifdef INET6 | #ifdef INET6 | ||||
int prison_equal_ip6(struct prison *, struct prison *); | bool prison_equal_ip6(struct prison *, struct prison *); | ||||
int prison_get_ip6(struct ucred *, struct in6_addr *); | int prison_get_ip6(struct ucred *, struct in6_addr *); | ||||
int prison_local_ip6(struct ucred *, struct in6_addr *, int); | int prison_local_ip6(struct ucred *, struct in6_addr *, int); | ||||
int prison_remote_ip6(struct ucred *, struct in6_addr *); | int prison_remote_ip6(struct ucred *, struct in6_addr *); | ||||
int prison_check_ip6(const struct ucred *, const struct in6_addr *); | int prison_check_ip6(const struct ucred *, const struct in6_addr *); | ||||
int prison_check_ip6_locked(const struct prison *, const struct in6_addr *); | int prison_check_ip6_locked(const struct prison *, const struct in6_addr *); | ||||
int prison_saddrsel_ip6(struct ucred *, struct in6_addr *); | bool prison_saddrsel_ip6(struct ucred *, struct in6_addr *); | ||||
int prison_restrict_ip6(struct prison *, struct in6_addr *); | bool prison_restrict_ip6(struct prison *, struct in6_addr *); | ||||
int prison_qcmp_v6(const void *, const void *); | int prison_qcmp_v6(const void *, const void *); | ||||
#endif | #endif | ||||
int prison_check_af(struct ucred *cred, int af); | int prison_check_af(struct ucred *cred, int af); | ||||
int prison_if(struct ucred *cred, const struct sockaddr *sa); | int prison_if(struct ucred *cred, const struct sockaddr *sa); | ||||
char *prison_name(struct prison *, struct prison *); | char *prison_name(struct prison *, struct prison *); | ||||
int prison_priv_check(struct ucred *cred, int priv); | int prison_priv_check(struct ucred *cred, int priv); | ||||
int sysctl_jail_param(SYSCTL_HANDLER_ARGS); | int sysctl_jail_param(SYSCTL_HANDLER_ARGS); | ||||
unsigned prison_add_allow(const char *prefix, const char *name, | unsigned prison_add_allow(const char *prefix, const char *name, | ||||
Show All 11 Lines |
we could make this into a bool macro, too