1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-01 12:19:28 +00:00
freebsd/sys/netinet6
Jamie Gritton 0304c73163 Add hierarchical jails. A jail may further virtualize its environment
by creating a child jail, which is visible to that jail and to any
parent jails.  Child jails may be restricted more than their parents,
but never less.  Jail names reflect this hierarchy, being MIB-style
dot-separated strings.

Every thread now points to a jail, the default being prison0, which
contains information about the physical system.  Prison0's root
directory is the same as rootvnode; its hostname is the same as the
global hostname, and its securelevel replaces the global securelevel.
Note that the variable "securelevel" has actually gone away, which
should not cause any problems for code that properly uses
securelevel_gt() and securelevel_ge().

Some jail-related permissions that were kept in global variables and
set via sysctls are now per-jail settings.  The sysctls still exist for
backward compatibility, used only by the now-deprecated jail(2) system
call.

Approved by:	bz (mentor)
2009-05-27 14:11:23 +00:00
..
dest6.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
frag6.c First pass at separating per-vnet initializer functions 2009-04-06 22:29:41 +00:00
icmp6.c Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit: 2009-04-29 19:19:13 +00:00
icmp6.h
in6_cksum.c Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
in6_gif.c On architectures with strict alignment requirements compensate 2009-03-07 19:08:58 +00:00
in6_gif.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
in6_ifattach.c Add hierarchical jails. A jail may further virtualize its environment 2009-05-27 14:11:23 +00:00
in6_ifattach.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
in6_mcast.c Silence unsolicited spam printed out when KTR_MLD happens to be 2009-05-05 16:27:45 +00:00
in6_pcb.c Add hierarchical jails. A jail may further virtualize its environment 2009-05-27 14:11:23 +00:00
in6_pcb.h Merge in6_pcbfree() into in_pcbfree() which after the previous 2008-11-27 12:04:35 +00:00
in6_proto.c Permit buiding kernels with options VIMAGE, restricted to only a single 2009-04-30 13:36:26 +00:00
in6_rmx.c Change the curvnet variable from a global const struct vnet *, 2009-05-05 10:56:12 +00:00
in6_src.c First pass at separating per-vnet initializer functions 2009-04-06 22:29:41 +00:00
in6_var.h Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit: 2009-04-29 19:19:13 +00:00
in6.c Add hierarchical jails. A jail may further virtualize its environment 2009-05-27 14:11:23 +00:00
in6.h Add IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT, in6addr_linklocal_allv2routers 2009-04-29 10:22:44 +00:00
ip6_ecn.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
ip6_forward.c Try to remove/assimilate as much of formerly IPv4/6 specific 2009-02-08 09:27:07 +00:00
ip6_id.c Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
ip6_input.c Permit buiding kernels with options VIMAGE, restricted to only a single 2009-04-30 13:36:26 +00:00
ip6_ipsec.c Add sysctls to toggle the behaviour of the (former) IPSEC_FILTERTUNNEL 2009-05-23 16:42:38 +00:00
ip6_ipsec.h #if 0 out a currently unsued (and incomplete) function: ip6_ipsec_mtu(). 2008-03-14 11:44:30 +00:00
ip6_mroute.c Add two missing INIT_VNET_INET6(curvnet) to make VIMAGE kernels happier. 2009-05-18 17:48:46 +00:00
ip6_mroute.h Introduce a number of changes to the MROUTING code. 2009-03-19 01:43:03 +00:00
ip6_output.c Implement RFC 5095 more fully. Rather than marking this no-op code as 2009-05-09 18:25:58 +00:00
ip6_var.h Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit: 2009-04-29 19:19:13 +00:00
ip6.h
ip6protosw.h struct ip6protosw is a copy of struct protosw, so remove pr_usrreq there 2009-01-04 21:13:51 +00:00
mld6_var.h Bite the bullet, and make the IPv6 SSM and MLDv2 mega-commit: 2009-04-29 19:19:13 +00:00
mld6.c Pullup from p4 tip: 2009-05-21 18:05:17 +00:00
mld6.h Add MLDv2 protocol header, but do not connect it to the build. 2009-04-29 11:31:23 +00:00
nd6_nbr.c Change the curvnet variable from a global const struct vnet *, 2009-05-05 10:56:12 +00:00
nd6_rtr.c In preparation for turning on options VIMAGE in next commits, 2009-04-26 22:06:42 +00:00
nd6.c Change the curvnet variable from a global const struct vnet *, 2009-05-05 10:56:12 +00:00
nd6.h Change if_output to take a struct route as its fourth argument in order 2009-04-16 20:30:28 +00:00
pim6_var.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
pim6.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
raw_ip6.c Permit buiding kernels with options VIMAGE, restricted to only a single 2009-04-30 13:36:26 +00:00
raw_ip6.h Second round of putting global variables, which were virtualized 2008-12-13 19:13:03 +00:00
route6.c Implement RFC 5095 more fully. Rather than marking this no-op code as 2009-05-09 18:25:58 +00:00
scope6_var.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
scope6.c First pass at separating per-vnet initializer functions 2009-04-06 22:29:41 +00:00
sctp6_usrreq.c - Cleanup checksum code. 2009-02-03 11:04:03 +00:00
sctp6_var.h 1) Adds the rest of the VIMAGE change macros 2008-07-09 16:45:30 +00:00
tcp6_var.h Put a global variables, which were virtualized but formerly 2008-12-11 16:26:38 +00:00
udp6_usrreq.c Implement UDP control block support. 2009-05-23 16:51:13 +00:00
udp6_var.h Clean up VCS Ids. 2007-12-10 16:03:40 +00:00
vinet6.h Make indentation more uniform accross vnet container structs. 2009-05-02 08:16:26 +00:00