kernel - use new td_ucred in numerous places
[dragonfly.git] / sys / kern / kern_jail.c
CommitLineData
984263bc
MD
1/*
2 * ----------------------------------------------------------------------------
3 * "THE BEER-WARE LICENSE" (Revision 42):
4 * <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
5 * can do whatever you want with this stuff. If we meet some day, and you think
6 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
7 * ----------------------------------------------------------------------------
8 *
3e4150ef
VBD
9 */
10/*-
11 * Copyright (c) 2006 Victor Balada Diaz <victor@bsdes.net>
12 * All rights reserved.
13 *
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
984263bc 22 *
3e4150ef
VBD
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36
37/*
38 * $FreeBSD: src/sys/kern/kern_jail.c,v 1.6.2.3 2001/08/17 01:00:26 rwatson Exp $
7b09fb68 39 * $DragonFly: src/sys/kern/kern_jail.c,v 1.19 2008/05/17 18:20:33 dillon Exp $
984263bc
MD
40 */
41
c0d74973 42#include "opt_inet6.h"
3e4150ef 43
984263bc
MD
44#include <sys/param.h>
45#include <sys/types.h>
46#include <sys/kernel.h>
47#include <sys/systm.h>
48#include <sys/errno.h>
49#include <sys/sysproto.h>
50#include <sys/malloc.h>
b40e316c
JS
51#include <sys/nlookup.h>
52#include <sys/namecache.h>
984263bc 53#include <sys/proc.h>
895c1f85 54#include <sys/priv.h>
984263bc
MD
55#include <sys/jail.h>
56#include <sys/socket.h>
57#include <sys/sysctl.h>
b40e316c 58#include <sys/kern_syscall.h>
984263bc
MD
59#include <net/if.h>
60#include <netinet/in.h>
3e4150ef 61#include <netinet6/in6_var.h>
984263bc 62
b40e316c 63static struct prison *prison_find(int);
bd544276 64static void prison_ipcache_init(struct prison *);
b40e316c 65
984263bc
MD
66MALLOC_DEFINE(M_PRISON, "prison", "Prison structures");
67
68SYSCTL_NODE(, OID_AUTO, jail, CTLFLAG_RW, 0,
69 "Jail rules");
70
71int jail_set_hostname_allowed = 1;
72SYSCTL_INT(_jail, OID_AUTO, set_hostname_allowed, CTLFLAG_RW,
73 &jail_set_hostname_allowed, 0,
74 "Processes in jail can set their hostnames");
75
76int jail_socket_unixiproute_only = 1;
77SYSCTL_INT(_jail, OID_AUTO, socket_unixiproute_only, CTLFLAG_RW,
78 &jail_socket_unixiproute_only, 0,
3e4150ef 79 "Processes in jail are limited to creating UNIX/IPv[46]/route sockets only");
984263bc
MD
80
81int jail_sysvipc_allowed = 0;
82SYSCTL_INT(_jail, OID_AUTO, sysvipc_allowed, CTLFLAG_RW,
83 &jail_sysvipc_allowed, 0,
84 "Processes in jail can use System V IPC primitives");
85
b70df062
MD
86int jail_chflags_allowed = 0;
87SYSCTL_INT(_jail, OID_AUTO, chflags_allowed, CTLFLAG_RW,
88 &jail_chflags_allowed, 0,
89 "Process in jail can set chflags(1)");
90
7b09fb68
MD
91int jail_allow_raw_sockets = 0;
92SYSCTL_INT(_jail, OID_AUTO, allow_raw_sockets, CTLFLAG_RW,
93 &jail_allow_raw_sockets, 0,
94 "Process in jail can create raw sockets");
95
b40e316c
JS
96int lastprid = 0;
97int prisoncount = 0;
98
99LIST_HEAD(prisonlist, prison);
100struct prisonlist allprison = LIST_HEAD_INITIALIZER(&allprison);
101
102static int
103kern_jail_attach(int jid)
104{
105 struct proc *p = curthread->td_proc;
106 struct prison *pr;
107 int error;
108
109 pr = prison_find(jid);
110 if (pr == NULL)
111 return(EINVAL);
112
28623bf9 113 error = kern_chroot(&pr->pr_root);
b40e316c
JS
114 if (error)
115 return(error);
116
117 prison_hold(pr);
118 cratom(&p->p_ucred);
119 p->p_ucred->cr_prison = pr;
120 p->p_flag |= P_JAILED;
121
122 return(0);
123}
124
5825b226
MN
125static int
126assign_prison_id(struct prison *pr)
127{
128 int tryprid;
129 struct prison *tpr;
130
131 tryprid = lastprid + 1;
132 if (tryprid == JAIL_MAX)
133 tryprid = 1;
134next:
135 LIST_FOREACH(tpr, &allprison, pr_list) {
136 if (tpr->pr_id != tryprid)
137 continue;
138 tryprid++;
139 if (tryprid == JAIL_MAX) {
140 return (ERANGE);
141 }
142 goto next;
143 }
144 pr->pr_id = lastprid = tryprid;
145
146 return (0);
147}
148
149static int
150kern_jail(struct prison *pr, struct jail *j)
151{
152 int error;
153 struct nlookupdata nd;
154
155 error = nlookup_init(&nd, j->path, UIO_USERSPACE, NLC_FOLLOW);
156 if (error) {
157 nlookup_done(&nd);
158 return (error);
159 }
160 error = nlookup(&nd);
161 if (error) {
162 nlookup_done(&nd);
163 return (error);
164 }
165 cache_copy(&nd.nl_nch, &pr->pr_root);
166
167 varsymset_init(&pr->pr_varsymset, NULL);
168 prison_ipcache_init(pr);
169
170 error = assign_prison_id(pr);
171 if (error) {
172 varsymset_clean(&pr->pr_varsymset);
173 nlookup_done(&nd);
174 return (error);
175 }
176
177 LIST_INSERT_HEAD(&allprison, pr, pr_list);
178 prisoncount++;
179
180 error = kern_jail_attach(pr->pr_id);
181 if (error) {
182 LIST_REMOVE(pr, pr_list);
183 varsymset_clean(&pr->pr_varsymset);
184 }
185 nlookup_done(&nd);
186 return (error);
187}
188
41c20dac
MD
189/*
190 * jail()
191 *
192 * jail_args(syscallarg(struct jail *) jail)
3919ced0
MD
193 *
194 * MPALMOSTSAFE
41c20dac 195 */
984263bc 196int
753fd850 197sys_jail(struct jail_args *uap)
984263bc 198{
dadab5e9 199 struct thread *td = curthread;
5825b226 200 struct prison *pr;
3e4150ef 201 struct jail_ip_storage *jip;
5825b226
MN
202 struct jail j;
203 int error;
204 uint32_t jversion;
205
206 uap->sysmsg_result = -1;
984263bc 207
f938e984 208 error = priv_check(td, PRIV_JAIL_CREATE);
5825b226 209 if (error)
8a506447 210 return (error);
5825b226 211
8a506447 212 error = copyin(uap->jail, &jversion, sizeof(jversion));
5825b226 213 if (error)
8a506447 214 return (error);
5825b226 215
f5b8f0d8 216 pr = kmalloc(sizeof(*pr), M_PRISON, M_WAITOK | M_ZERO);
3e4150ef 217 SLIST_INIT(&pr->pr_ips);
3919ced0 218 get_mplock();
3e4150ef
VBD
219
220 switch (jversion) {
221 case 0:
8a506447 222 /* Single IPv4 jails. */
5825b226
MN
223 {
224 struct jail_v0 jv0;
225 struct sockaddr_in ip4addr;
226
8a506447 227 error = copyin(uap->jail, &jv0, sizeof(jv0));
3e4150ef 228 if (error)
5825b226
MN
229 goto out;
230
231 j.path = jv0.path;
232 j.hostname = jv0.hostname;
233
3e4150ef
VBD
234 jip = kmalloc(sizeof(*jip), M_PRISON, M_WAITOK | M_ZERO);
235 ip4addr.sin_family = AF_INET;
236 ip4addr.sin_addr.s_addr = htonl(jv0.ip_number);
237 memcpy(&jip->ip, &ip4addr, sizeof(ip4addr));
238 SLIST_INSERT_HEAD(&pr->pr_ips, jip, entries);
239 break;
5825b226
MN
240 }
241
3e4150ef 242 case 1:
8a506447
MN
243 /*
244 * DragonFly multi noIP/IPv4/IPv6 jails
245 *
246 * NOTE: This version is unsupported by FreeBSD
247 * (which uses version 2 instead).
248 */
249
3e4150ef
VBD
250 error = copyin(uap->jail, &j, sizeof(j));
251 if (error)
5825b226
MN
252 goto out;
253
254 for (int i = 0; i < j.n_ips; i++) {
255 jip = kmalloc(sizeof(*jip), M_PRISON,
3e4150ef 256 M_WAITOK | M_ZERO);
3e4150ef 257 SLIST_INSERT_HEAD(&pr->pr_ips, jip, entries);
5825b226
MN
258 error = copyin(&j.ips[i], &jip->ip,
259 sizeof(struct sockaddr_storage));
260 if (error)
261 goto out;
3e4150ef 262 }
3e4150ef
VBD
263 break;
264 default:
265 error = EINVAL;
5825b226 266 goto out;
3e4150ef 267 }
b40e316c 268
f5b8f0d8 269 error = copyinstr(j.hostname, &pr->pr_host, sizeof(pr->pr_host), 0);
e713d50d 270 if (error)
5825b226 271 goto out;
b40e316c 272
5825b226 273 error = kern_jail(pr, &j);
984263bc 274 if (error)
5825b226 275 goto out;
984263bc 276
61deed49 277 uap->sysmsg_result = pr->pr_id;
3919ced0 278 rel_mplock();
984263bc
MD
279 return (0);
280
5825b226 281out:
3e4150ef
VBD
282 /* Delete all ips */
283 while (!SLIST_EMPTY(&pr->pr_ips)) {
284 jip = SLIST_FIRST(&pr->pr_ips);
285 SLIST_REMOVE_HEAD(&pr->pr_ips, entries);
81be0cb8 286 kfree(jip, M_PRISON);
3e4150ef 287 }
3919ced0 288 rel_mplock();
81be0cb8 289 kfree(pr, M_PRISON);
5825b226 290 return (error);
b40e316c
JS
291}
292
293/*
294 * int jail_attach(int jid);
3919ced0
MD
295 *
296 * MPALMOSTSAFE
b40e316c
JS
297 */
298int
753fd850 299sys_jail_attach(struct jail_attach_args *uap)
b40e316c
JS
300{
301 struct thread *td = curthread;
302 int error;
303
f938e984 304 error = priv_check(td, PRIV_JAIL_ATTACH);
b40e316c
JS
305 if (error)
306 return(error);
3919ced0
MD
307 get_mplock();
308 error = kern_jail_attach(uap->jid);
309 rel_mplock();
310 return (error);
984263bc
MD
311}
312
bd544276
VBD
313static void
314prison_ipcache_init(struct prison *pr)
315{
316 struct jail_ip_storage *jis;
317 struct sockaddr_in *ip4;
318 struct sockaddr_in6 *ip6;
319
320 SLIST_FOREACH(jis, &pr->pr_ips, entries) {
321 switch (jis->ip.ss_family) {
322 case AF_INET:
323 ip4 = (struct sockaddr_in *)&jis->ip;
324 if ((ntohl(ip4->sin_addr.s_addr) >> IN_CLASSA_NSHIFT) ==
325 IN_LOOPBACKNET) {
326 /* loopback address */
327 if (pr->local_ip4 == NULL)
328 pr->local_ip4 = ip4;
329 } else {
330 /* public address */
331 if (pr->nonlocal_ip4 == NULL)
332 pr->nonlocal_ip4 = ip4;
333 }
334 break;
335
336 case AF_INET6:
337 ip6 = (struct sockaddr_in6 *)&jis->ip;
338 if (IN6_IS_ADDR_LOOPBACK(&ip6->sin6_addr)) {
339 /* loopback address */
340 if (pr->local_ip6 == NULL)
341 pr->local_ip6 = ip6;
342 } else {
343 /* public address */
344 if (pr->nonlocal_ip6 == NULL)
345 pr->nonlocal_ip6 = ip6;
346 }
347 break;
348 }
349 }
350}
351
3e4150ef
VBD
352/*
353 * Changes INADDR_LOOPBACK for a valid jail address.
354 * ip is in network byte order.
355 * Returns 1 if the ip is among jail valid ips.
356 * Returns 0 if is not among jail valid ips or
357 * if couldn't replace INADDR_LOOPBACK for a valid
358 * IP.
359 */
984263bc 360int
3e4150ef 361prison_replace_wildcards(struct thread *td, struct sockaddr *ip)
984263bc 362{
3e4150ef
VBD
363 struct sockaddr_in *ip4 = (struct sockaddr_in *)ip;
364 struct sockaddr_in6 *ip6 = (struct sockaddr_in6 *)ip;
41c20dac 365 struct prison *pr;
984263bc 366
dadab5e9 367 if (td->td_proc == NULL)
3e4150ef 368 return (1);
9910d07b 369 if ((pr = td->td_ucred->cr_prison) == NULL)
3e4150ef
VBD
370 return (1);
371
372 if ((ip->sa_family == AF_INET &&
373 ip4->sin_addr.s_addr == htonl(INADDR_ANY)) ||
374 (ip->sa_family == AF_INET6 &&
375 IN6_IS_ADDR_UNSPECIFIED(&ip6->sin6_addr)))
376 return (1);
377 if ((ip->sa_family == AF_INET &&
378 ip4->sin_addr.s_addr == htonl(INADDR_LOOPBACK)) ||
379 (ip->sa_family == AF_INET6 &&
380 IN6_IS_ADDR_LOOPBACK(&ip6->sin6_addr))) {
bd544276
VBD
381 if (!prison_get_local(pr, ip->sa_family, ip) &&
382 !prison_get_nonlocal(pr, ip->sa_family, ip))
3e4150ef 383 return(0);
984263bc 384 else
3e4150ef 385 return(1);
984263bc 386 }
3e4150ef
VBD
387 if (jailed_ip(pr, ip))
388 return(1);
389 return(0);
984263bc
MD
390}
391
3e4150ef
VBD
392int
393prison_remote_ip(struct thread *td, struct sockaddr *ip)
984263bc 394{
3e4150ef
VBD
395 struct sockaddr_in *ip4 = (struct sockaddr_in *)ip;
396 struct sockaddr_in6 *ip6 = (struct sockaddr_in6 *)ip;
41c20dac 397 struct prison *pr;
984263bc 398
dadab5e9 399 if (td == NULL || td->td_proc == NULL)
3e4150ef 400 return(1);
9910d07b 401 if ((pr = td->td_ucred->cr_prison) == NULL)
3e4150ef
VBD
402 return(1);
403 if ((ip->sa_family == AF_INET &&
404 ip4->sin_addr.s_addr == htonl(INADDR_LOOPBACK)) ||
405 (ip->sa_family == AF_INET6 &&
406 IN6_IS_ADDR_LOOPBACK(&ip6->sin6_addr))) {
bd544276
VBD
407 if (!prison_get_local(pr, ip->sa_family, ip) &&
408 !prison_get_nonlocal(pr, ip->sa_family, ip))
3e4150ef 409 return(0);
984263bc 410 else
3e4150ef
VBD
411 return(1);
412 }
413 return(1);
414}
415
416/*
417 * Prison get non loopback ip:
bd544276
VBD
418 * - af is the address family of the ip we want (AF_INET|AF_INET6).
419 * - If ip != NULL, put the first IP address that is not a loopback address
420 * into *ip.
421 *
3e4150ef 422 * ip is in network by order and we don't touch it unless we find a valid ip.
bd544276
VBD
423 * No matter if ip == NULL or not, we return either a valid struct sockaddr *,
424 * or NULL. This struct may not be modified.
3e4150ef 425 */
bd544276
VBD
426struct sockaddr *
427prison_get_nonlocal(struct prison *pr, sa_family_t af, struct sockaddr *ip)
3e4150ef 428{
bd544276
VBD
429 struct sockaddr_in *ip4 = (struct sockaddr_in *)ip;
430 struct sockaddr_in6 *ip6 = (struct sockaddr_in6 *)ip;
3e4150ef 431
3e4150ef 432 /* Check if it is cached */
bd544276
VBD
433 switch(af) {
434 case AF_INET:
435 if (ip4 != NULL && pr->nonlocal_ip4 != NULL)
436 ip4->sin_addr.s_addr = pr->nonlocal_ip4->sin_addr.s_addr;
437 return (struct sockaddr *)pr->nonlocal_ip4;
438
439 case AF_INET6:
440 if (ip6 != NULL && pr->nonlocal_ip6 != NULL)
441 ip6->sin6_addr = pr->nonlocal_ip6->sin6_addr;
442 return (struct sockaddr *)pr->nonlocal_ip6;
3e4150ef 443 }
bd544276
VBD
444
445 /* NOTREACHED */
446 return NULL;
3e4150ef
VBD
447}
448
449/*
450 * Prison get loopback ip.
bd544276
VBD
451 * - af is the address family of the ip we want (AF_INET|AF_INET6).
452 * - If ip != NULL, put the first IP address that is not a loopback address
453 * into *ip.
454 *
455 * ip is in network by order and we don't touch it unless we find a valid ip.
456 * No matter if ip == NULL or not, we return either a valid struct sockaddr *,
457 * or NULL. This struct may not be modified.
3e4150ef 458 */
bd544276
VBD
459struct sockaddr *
460prison_get_local(struct prison *pr, sa_family_t af, struct sockaddr *ip)
3e4150ef 461{
bd544276
VBD
462 struct sockaddr_in *ip4 = (struct sockaddr_in *)ip;
463 struct sockaddr_in6 *ip6 = (struct sockaddr_in6 *)ip;
3e4150ef 464
3e4150ef 465 /* Check if it is cached */
bd544276
VBD
466 switch(af) {
467 case AF_INET:
468 if (ip4 != NULL && pr->local_ip4 != NULL)
469 ip4->sin_addr.s_addr = pr->local_ip4->sin_addr.s_addr;
470 return (struct sockaddr *)pr->local_ip4;
471
472 case AF_INET6:
473 if (ip6 != NULL && pr->local_ip6 != NULL)
474 ip6->sin6_addr = pr->local_ip6->sin6_addr;
475 return (struct sockaddr *)pr->local_ip6;
984263bc 476 }
bd544276
VBD
477
478 /* NOTREACHED */
479 return NULL;
3e4150ef
VBD
480}
481
482/* Check if the IP is among ours, if it is return 1, else 0 */
483int
484jailed_ip(struct prison *pr, struct sockaddr *ip)
485{
486 struct jail_ip_storage *jis;
487 struct sockaddr_in *jip4, *ip4;
488 struct sockaddr_in6 *jip6, *ip6;
489
490 if (pr == NULL)
491 return(0);
492 ip4 = (struct sockaddr_in *)ip;
493 ip6 = (struct sockaddr_in6 *)ip;
494 SLIST_FOREACH(jis, &pr->pr_ips, entries) {
495 switch (ip->sa_family) {
496 case AF_INET:
497 jip4 = (struct sockaddr_in *) &jis->ip;
498 if (jip4->sin_family == AF_INET &&
499 ip4->sin_addr.s_addr == jip4->sin_addr.s_addr)
500 return(1);
501 break;
502 case AF_INET6:
503 jip6 = (struct sockaddr_in6 *) &jis->ip;
504 if (jip6->sin6_family == AF_INET6 &&
505 IN6_ARE_ADDR_EQUAL(&ip6->sin6_addr,
506 &jip6->sin6_addr))
507 return(1);
508 break;
509 }
510 }
511 /* Ip not in list */
512 return(0);
984263bc
MD
513}
514
515int
87de5057 516prison_if(struct ucred *cred, struct sockaddr *sa)
984263bc 517{
41c20dac 518 struct prison *pr;
984263bc 519 struct sockaddr_in *sai = (struct sockaddr_in*) sa;
984263bc 520
87de5057 521 pr = cred->cr_prison;
41c20dac 522
3e4150ef
VBD
523 if (((sai->sin_family != AF_INET) && (sai->sin_family != AF_INET6))
524 && jail_socket_unixiproute_only)
525 return(1);
526 else if ((sai->sin_family != AF_INET) && (sai->sin_family != AF_INET6))
527 return(0);
528 else if (jailed_ip(pr, sa))
529 return(0);
530 return(1);
984263bc 531}
b40e316c
JS
532
533/*
534 * Returns a prison instance, or NULL on failure.
535 */
536static struct prison *
537prison_find(int prid)
538{
539 struct prison *pr;
540
541 LIST_FOREACH(pr, &allprison, pr_list) {
542 if (pr->pr_id == prid)
543 break;
544 }
545 return(pr);
546}
547
548static int
549sysctl_jail_list(SYSCTL_HANDLER_ARGS)
550{
9910d07b 551 struct thread *td = curthread;
3e4150ef 552 struct jail_ip_storage *jip;
70c97e0d 553#ifdef INET6
3e4150ef 554 struct sockaddr_in6 *jsin6;
70c97e0d 555#endif
3e4150ef 556 struct sockaddr_in *jsin;
9910d07b 557 struct lwp *lp;
b40e316c 558 struct prison *pr;
3e4150ef 559 unsigned int jlssize, jlsused;
b40e316c 560 int count, error;
3e4150ef
VBD
561 char *jls; /* Jail list */
562 char *oip; /* Output ip */
563 char *fullpath, *freepath;
b40e316c 564
3e4150ef 565 jlsused = 0;
b40e316c 566
9910d07b 567 if (jailed(td->td_ucred))
b40e316c 568 return (0);
9910d07b 569 lp = td->td_lwp;
b40e316c
JS
570retry:
571 count = prisoncount;
572
573 if (count == 0)
574 return(0);
575
3e4150ef
VBD
576 jlssize = (count * 1024);
577 jls = kmalloc(jlssize + 1, M_TEMP, M_WAITOK | M_ZERO);
b40e316c 578 if (count < prisoncount) {
3e4150ef 579 kfree(jls, M_TEMP);
b40e316c
JS
580 goto retry;
581 }
582 count = prisoncount;
e713d50d 583
b40e316c 584 LIST_FOREACH(pr, &allprison, pr_list) {
9910d07b
MD
585 error = cache_fullpath(lp->lwp_proc, &pr->pr_root,
586 &fullpath, &freepath);
70c97e0d
MD
587 if (error)
588 continue;
589 if (jlsused && jlsused < jlssize)
590 jls[jlsused++] = '\n';
591 count = ksnprintf(jls + jlsused, (jlssize - jlsused),
592 "%d %s %s",
593 pr->pr_id, pr->pr_host, fullpath);
3e4150ef
VBD
594 kfree(freepath, M_TEMP);
595 if (count < 0)
596 goto end;
597 jlsused += count;
598
599 /* Copy the IPS */
600 SLIST_FOREACH(jip, &pr->pr_ips, entries) {
601 jsin = (struct sockaddr_in *)&jip->ip;
3e4150ef 602
70c97e0d
MD
603 switch(jsin->sin_family) {
604 case AF_INET:
3e4150ef 605 oip = inet_ntoa(jsin->sin_addr);
70c97e0d
MD
606 break;
607#ifdef INET6
608 case AF_INET6:
609 jsin6 = (struct sockaddr_in6 *)&jip->ip;
3e4150ef 610 oip = ip6_sprintf(&jsin6->sin6_addr);
70c97e0d
MD
611 break;
612#endif
613 default:
614 oip = "?family?";
615 break;
616 }
3e4150ef 617
70c97e0d 618 if ((jlssize - jlsused) < (strlen(oip) + 1)) {
3e4150ef
VBD
619 error = ERANGE;
620 goto end;
621 }
70c97e0d
MD
622 count = ksnprintf(jls + jlsused, (jlssize - jlsused),
623 " %s", oip);
624 if (count < 0)
625 goto end;
626 jlsused += count;
b40e316c 627 }
b40e316c
JS
628 }
629
3e4150ef
VBD
630 /*
631 * The format is:
632 * pr_id <SPC> hostname1 <SPC> PATH1 <SPC> IP1 <SPC> IP2\npr_id...
633 */
634 error = SYSCTL_OUT(req, jls, jlsused);
635end:
636 kfree(jls, M_TEMP);
b40e316c
JS
637 return(error);
638}
639
3e4150ef
VBD
640SYSCTL_OID(_jail, OID_AUTO, list, CTLTYPE_STRING | CTLFLAG_RD, NULL, 0,
641 sysctl_jail_list, "A", "List of active jails");
b40e316c
JS
642
643void
644prison_hold(struct prison *pr)
645{
646 pr->pr_ref++;
647}
648
649void
650prison_free(struct prison *pr)
651{
3e4150ef 652 struct jail_ip_storage *jls;
b40e316c
JS
653 KKASSERT(pr->pr_ref >= 1);
654
655 if (--pr->pr_ref > 0)
656 return;
657
3e4150ef
VBD
658 /* Delete all ips */
659 while (!SLIST_EMPTY(&pr->pr_ips)) {
660 jls = SLIST_FIRST(&pr->pr_ips);
661 SLIST_REMOVE_HEAD(&pr->pr_ips, entries);
81be0cb8 662 kfree(jls, M_PRISON);
3e4150ef 663 }
b40e316c
JS
664 LIST_REMOVE(pr, pr_list);
665 prisoncount--;
666
667 if (pr->pr_linux != NULL)
efda3bd0 668 kfree(pr->pr_linux, M_PRISON);
b40e316c 669 varsymset_clean(&pr->pr_varsymset);
28623bf9 670 cache_drop(&pr->pr_root);
efda3bd0 671 kfree(pr, M_PRISON);
b40e316c 672}
cd554aa4
MN
673
674/*
675 * Check if permisson for a specific privilege is granted within jail.
1ee6e3c6
MD
676 *
677 * MPSAFE
cd554aa4
MN
678 */
679int
680prison_priv_check(struct ucred *cred, int priv)
681{
682 if (!jailed(cred))
683 return (0);
684
3a591c90
MN
685 switch (priv) {
686 case PRIV_CRED_SETUID:
687 case PRIV_CRED_SETEUID:
688 case PRIV_CRED_SETGID:
689 case PRIV_CRED_SETEGID:
690 case PRIV_CRED_SETGROUPS:
691 case PRIV_CRED_SETREUID:
692 case PRIV_CRED_SETREGID:
693 case PRIV_CRED_SETRESUID:
694 case PRIV_CRED_SETRESGID:
695
696 case PRIV_VFS_SYSFLAGS:
697 case PRIV_VFS_CHOWN:
47fac363 698 case PRIV_VFS_CHMOD:
3a591c90 699 case PRIV_VFS_CHROOT:
f6df0641 700 case PRIV_VFS_LINK:
6dc79895 701 case PRIV_VFS_CHFLAGS_DEV:
e90e4023 702 case PRIV_VFS_REVOKE:
3a591c90
MN
703 case PRIV_VFS_MKNOD_BAD:
704 case PRIV_VFS_MKNOD_WHT:
705 case PRIV_VFS_MKNOD_DIR:
db813a0c 706 case PRIV_VFS_SETATTR:
61b7a688 707 case PRIV_VFS_SETGID:
3a591c90
MN
708
709 case PRIV_PROC_SETRLIMIT:
710 case PRIV_PROC_SETLOGIN:
711
712 case PRIV_SYSCTL_WRITEJAIL:
713
aedd0fb7
MN
714 case PRIV_VARSYM_SYS:
715
ed869814
MN
716 case PRIV_SETHOSTNAME:
717
14272f2d
MN
718 case PRIV_PROC_TRESPASS:
719
3a591c90
MN
720 return (0);
721
450a5627
MN
722 case PRIV_UFS_QUOTAON:
723 case PRIV_UFS_QUOTAOFF:
724 case PRIV_VFS_SETQUOTA:
725 case PRIV_UFS_SETUSE:
726 case PRIV_VFS_GETQUOTA:
727 return (0);
728
729
0620bd26
MN
730 case PRIV_DEBUG_UNPRIV:
731 return (0);
732
733
c311416a 734 /*
12427114
MN
735 * Allow jailed root to bind reserved ports.
736 */
737 case PRIV_NETINET_RESERVEDPORT:
738 return (0);
739
740
741 /*
c311416a
MN
742 * Conditionally allow creating raw sockets in jail.
743 */
8d911978 744 case PRIV_NETINET_RAW:
8d911978
MN
745 if (jail_allow_raw_sockets)
746 return (0);
c311416a
MN
747 else
748 return (EPERM);
8d911978 749
91a193f5
MN
750 case PRIV_HAMMER_IOCTL:
751 return (0);
752
3a591c90
MN
753 default:
754
755 return (EPERM);
756 }
cd554aa4 757}