Paths

Table of Contentst

Diffusion FreeBSD src repository db3b39f063d9

libjail: extend struct handlers to included MAC labels
db3b39f063d9
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

libjail: extend struct handlers to included MAC labels

MAC label handling is a little special; to avoid being too disruptive,
we allocate a mac_t * here for the value so that we can mac_prepare()
or mac_from_text() into. As a result, we need:

A custom free() handler to avoid leaking the *jp_value
A custom jailparam_get() handler to mac_prepare() the mac_t and populate the iove properly, so that the kernel doesn't have to do something funky like copyin, dereference, copyin again.
A custom jailparam_set() handler to similarly populate the iovec properly.

Reviewed by: jamie
Differential Revision: https://reviews.freebsd.org/D53960

Details

Provenance

Authored on Nov 27 2025, 5:24 AM

Reviewer

Differential Revision

D53960: libjail: extend struct handlers to included MAC labels

Parents

rG1af8d5652a01: libjail: start refactoring struct ioctl support

Branches

Unknown

Tags

Unknown

Event Timeline

kevans committed rGdb3b39f063d9: libjail: extend struct handlers to included MAC labels (authored by kevans).Jan 16 2026, 12:23 AM

kevans added an edge: D53960: libjail: extend struct handlers to included MAC labels.

kevans mentioned this in D54786: jail(3): fix common usage after mac.label support.Mon, Jan 19, 8:19 PM

kevans mentioned this in rG3f3b53e68a7b: jail(3): fix common usage after mac.label support.Tue, Jan 20, 2:58 AM

Changes (1)

Path

Size

lib/

libjail/

rGdb3b39f063d9

lib/libjail/jail.c

Loading...