1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-13 10:02:38 +00:00
freebsd/sys/kern
Rick Macklem 88175af8b7 vfs_export: Add mnt_exjail to control exports done in prisons
If there are multiple instances of mountd(8) (in different
prisons), there will be confusion if they manipulate the
exports of the same file system.  This patch adds mnt_exjail
to "struct mount" so that the credentials (and, therefore,
the prison) that did the exports for that file system can
be recorded.  If another prison has already exported the
file system, vfs_export() will fail with an error.
If mnt_exjail == NULL, the file system has not been exported.
mnt_exjail is checked by the NFS server, so that exports done
from within a different prison will not be used.

The patch also implements vfs_exjail_destroy(), which is
called from prison_cleanup() to release all the mnt_exjail
credential references, so that the prison can be removed.
Mainly to avoid doing a scan of the mountlist for the case
where there were no exports done from within the prison,
a count of how many file systems have been exported from
within the prison is kept in pr_exportcnt.

Reviewed by:	markj
Discussed with:	jamie
Differential Revision:	https://reviews.freebsd.org/D38371
MFC after:	3 months
2023-02-21 13:00:42 -08:00
..
bus_if.m subr_bus: restore bus_null_rescan() 2022-06-23 16:07:00 -03:00
clock_if.m
cpufreq_if.m
device_if.m
firmw.S
genassym.sh genassym.sh: Fix two minor issues found by shellcheck 2021-07-28 13:49:16 -06:00
genoffset.c
genoffset.sh genoffset.sh: Use 10 X's instead of 5 for pick mkdtemp implementations 2021-09-07 10:08:51 -06:00
imgact_aout.c Retire sv_transtrap 2022-05-20 14:54:03 +03:00
imgact_binmisc.c imgact_binmisc: Optionally pre-open the interpreter vnode 2022-12-08 14:32:03 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c Add AT_USRSTACK{BASE, LIM} AT vectors, and ELF_BSDF_VMNOOVERCOMMIT flag 2022-09-16 23:23:26 +03:00
imgact_shell.c
init_main.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
init_sysent.c sysent: regen after 52a1d90c8b, posix_fadvise in capmode 2022-04-14 15:17:36 -04:00
kern_acct.c sysent: Get rid of bogus sys/sysent.h include. 2022-05-28 20:52:17 +03:00
kern_alq.c vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd) 2022-03-24 10:20:51 +00:00
kern_boottrace.c boottrace: a simple boot and shutdown-time tracing facility 2022-02-21 20:15:45 -04:00
kern_clock.c kern/clock: remove interrupt reporting from watchdog_fire() 2023-02-16 17:24:29 -04:00
kern_clocksource.c eventtimer: Simplify KTR traces 2022-07-11 15:58:43 -04:00
kern_condvar.c Use sleepq_signal(SLEEPQ_DROP) in cv_signal(). 2021-07-09 20:57:58 -04:00
kern_conf.c Retire clone_drain_lock 2022-08-20 09:44:05 +00:00
kern_cons.c Adjust function definitions in kern_cons.c to avoid clang 15 warnings 2022-07-26 19:59:56 +02:00
kern_context.c sysent: Get rid of bogus sys/sysent.h include. 2022-05-28 20:52:17 +03:00
kern_cpu.c cpufreq: Remove unused devclass argument to DRIVER_MODULE. 2022-05-06 15:46:58 -07:00
kern_cpuset.c cpuset: Handle CPU_WHICH_TIDPID wherever cpuset_which() is called. 2023-01-30 19:28:54 +03:00
kern_ctf.c vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd) 2022-03-24 10:20:51 +00:00
kern_descrip.c Add descrip_check_write_mp() helper 2022-12-29 22:55:39 +02:00
kern_devctl.c devd: Warn for deprecated 'kern' system type 2022-12-02 10:48:02 -07:00
kern_dtrace.c Adjust function definitions in kern_dtrace.c to avoid clang 15 warnings 2022-07-26 19:59:57 +02:00
kern_dump.c kerneldump: remove physical from dump routines 2022-05-13 10:43:19 -03:00
kern_environment.c kern_environment: Partially apply style(9) 2023-01-30 10:47:56 -07:00
kern_et.c
kern_event.c kqueue: retire knlist_init_rw_reader() 2022-08-20 21:17:39 -08:00
kern_exec.c imgact_binmisc: Optionally pre-open the interpreter vnode 2022-12-08 14:32:03 +00:00
kern_exit.c jail: add process linkage 2022-09-05 11:54:47 +00:00
kern_fail.c
kern_ffclock.c sysent: Get rid of bogus sys/sysent.h include. 2022-05-28 20:52:17 +03:00
kern_fork.c jail: add process linkage 2022-09-05 11:54:47 +00:00
kern_hhook.c
kern_idle.c
kern_intr.c kern_intr: Check for NULL event in intr_destroy() 2022-10-15 15:51:44 -03:00
kern_jail.c vfs_export: Add mnt_exjail to control exports done in prisons 2023-02-21 13:00:42 -08:00
kern_kcov.c kcov: use __func__ in KASSERT instead of old function name 2022-03-07 10:47:27 -05:00
kern_khelp.c
kern_kthread.c Update comments referencing create_thread() 2023-02-09 11:58:06 -04:00
kern_ktr.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
kern_ktrace.c ktrace: change AST handler to require AST flag set 2022-08-02 21:11:10 +03:00
kern_linker.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
kern_lock.c lockmgr: fix lock profiling of face adaptive spinning 2021-09-18 10:16:58 +00:00
kern_lockf.c lockf: elide vnode interlock in the common case in lf_purgelocks 2022-09-14 23:04:22 +00:00
kern_lockstat.c
kern_loginclass.c
kern_malloc.c kmem_malloc/free: Use void * instead of vm_offset_t for kernel pointers. 2022-09-22 15:09:19 -07:00
kern_mbuf.c IfAPI: use IfAPI in mbuf 2023-02-06 12:32:04 -05:00
kern_mib.c Allow sysctl hw.machine/hw.machine_arch in capability mode 2023-02-06 14:00:52 -05:00
kern_module.c modules: increase MAXMODNAME and provide backward compat 2021-12-09 18:09:53 +00:00
kern_mtxpool.c
kern_mutex.c callout(9): Allow spin locks use with callout_init_mtx(). 2021-09-02 21:16:46 -04:00
kern_ntptime.c ntptime: ansify 2023-02-13 18:24:13 +00:00
kern_osd.c osd: Fix racy assertions 2021-09-09 10:11:02 -04:00
kern_physio.c SPDX: Not BSD-4-Clause 2022-09-16 21:49:16 -06:00
kern_pmc.c
kern_poll.c kern_poll: include sys/sched.h 2023-02-09 17:13:02 -04:00
kern_priv.c
kern_proc.c AST: rework 2022-08-02 21:11:09 +03:00
kern_procctl.c Remove struct proc p_singlethr member 2022-08-20 20:34:30 +03:00
kern_prot.c kern_prot.c p_candebug(): Remove single-use variable. 2023-02-02 17:00:24 -08:00
kern_racct.c AST: rework 2022-08-02 21:11:09 +03:00
kern_rangelock.c
kern_rctl.c sysent: Get rid of bogus sys/sysent.h include. 2022-05-28 20:52:17 +03:00
kern_resource.c Adjust function definitions in kern_resource.c to avoid clang 15 warnings 2022-07-26 19:59:57 +02:00
kern_rmlock.c rms: add rms_assert_rlock_ok 2022-08-23 19:15:48 +00:00
kern_rwlock.c lockprof: pass lock type as an argument instead of reading the spin flag 2021-05-23 17:55:27 +00:00
kern_sdt.c
kern_sema.c
kern_sendfile.c vfs: add vn_getsize 2022-12-28 22:43:49 +00:00
kern_sharedpage.c Rework how shared page related data is stored 2022-07-18 16:27:32 +02:00
kern_shutdown.c kern_reboot: unconditionally call shutdown_reset() 2023-01-23 15:10:24 -04:00
kern_sig.c Fixes for ptrace_syscallreq() 2022-12-23 01:53:41 +02:00
kern_switch.c mi_switch(): clean up switch types and their usage 2023-02-09 12:01:32 -04:00
kern_sx.c sx: whack set-but-not-used warn in _sx_slock_hard 2023-02-21 13:49:14 +00:00
kern_synch.c mi_switch(): clean up switch types and their usage 2023-02-09 12:01:32 -04:00
kern_syscalls.c sys/kern: Use C99 fixed-width integer types. 2021-12-28 09:41:08 -08:00
kern_sysctl.c sysctl: use correct types and names in sysctl_*sec_to_sbintime 2023-01-27 07:09:22 -08:00
kern_tc.c set_cputicker: use a bool 2022-06-23 15:15:11 -03:00
kern_thr.c thread_create(): call cpu_copy_thread() after td_pflags is zeroed 2022-08-08 19:44:17 +03:00
kern_thread.c whitespace: rewrap to match case directly above 2023-02-03 00:37:31 +00:00
kern_time.c time: Make realitexpire() local to kern_time.c 2022-07-13 09:57:28 -04:00
kern_timeout.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
kern_tslog.c tslog: Add CTLFLAG_SKIP to sysctls 2022-03-20 11:31:16 -07:00
kern_ubsan.c ubsan: Fix a typo in an error message 2021-09-25 11:47:24 +02:00
kern_umtx.c kern_umtx.c do_wait(): correct confusing indent 2023-01-20 23:33:11 +02:00
kern_uuid.c
kern_vnodedumper.c kerneldump: remove physical argument from d_dumper 2022-05-13 10:42:48 -03:00
kern_xxx.c
ksched.c ksched: correct return code for invalid priority 2022-10-17 15:12:13 -03:00
link_elf_obj.c vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd) 2022-03-24 10:20:51 +00:00
link_elf.c Retire broken GPROF support from the kernel 2022-11-15 14:17:10 +00:00
linker_if.m kernel linker: do not read debug symbol tables for non-debug symbols 2021-12-08 23:32:29 +02:00
Make.tags.inc Bring the tags and links entries for amd64 up to date. 2021-09-27 20:04:51 -07:00
Makefile syscalls.master: switch to CAPENABLED flags 2021-09-01 21:58:16 +01:00
md4c.c sys/kern: Use C99 fixed-width integer types. 2021-12-28 09:41:08 -08:00
md5c.c md5: Use c89 function definitions 2022-11-27 13:22:31 -07:00
msi_if.m Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
p1003_1b.c sysent: Get rid of bogus sys/sysent.h include. 2022-05-28 20:52:17 +03:00
pic_if.m
posix4_mib.c
sched_4bsd.c mi_switch(): clean up switch types and their usage 2023-02-09 12:01:32 -04:00
sched_ule.c mi_switch(): clean up switch types and their usage 2023-02-09 12:01:32 -04:00
serdev_if.m
stack_protector.c
subr_acl_nfs4.c
subr_acl_posix1e.c
subr_asan.c atomic: Intercept atomic_(load|store)_bool for kernel sanitizers 2022-10-29 11:10:58 -04:00
subr_atomic64.c sys/kern: Use C99 fixed-width integer types. 2021-12-28 09:41:08 -08:00
subr_autoconf.c Adjust function definition in subr_autoconf.c to avoid clang 15 warnings 2022-07-26 19:59:57 +02:00
subr_blist.c blist: Correct the node count computed in blist_create() 2021-07-13 17:47:27 -04:00
subr_boot.c boot: Remove stray free() 2022-12-07 11:30:04 -07:00
subr_bufring.c
subr_bus_dma.c bus_dma: Deduplicate locking helper functions. 2022-01-05 13:50:40 -08:00
subr_bus.c Revert "newbus: Change attach failure behavior" 2022-12-05 17:00:26 -07:00
subr_busdma_bounce.c Add sched_ithread_prio to set the base priority of an interrupt thread. 2022-07-14 13:13:10 -07:00
subr_busdma_bufalloc.c kmem_malloc/free: Use void * instead of vm_offset_t for kernel pointers. 2022-09-22 15:09:19 -07:00
subr_capability.c Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
subr_clock.c
subr_clockcalib.c clockcalib: Fix an overflow bug 2022-01-20 08:23:38 -05:00
subr_compressor.c MFV: zstd 1.5.2 2023-01-27 17:22:31 +00:00
subr_counter.c
subr_coverage.c kcov: Integrate with KMSAN 2021-09-14 14:29:27 -04:00
subr_csan.c atomic: Intercept atomic_(load|store)_bool for kernel sanitizers 2022-10-29 11:10:58 -04:00
subr_devmap.c Remove pre-armv6 support from devmap 2022-10-05 09:56:17 +01:00
subr_devstat.c devstat: Remove DTrace io probes lacking a BIO reference 2022-08-29 13:22:36 -04:00
subr_disk.c
subr_dummy_vdso_tc.c
subr_early.c
subr_epoch.c Move kstack_contains() and GET_STACK_USAGE() to MD machine/stack.h 2023-02-02 00:59:26 +02:00
subr_eventhandler.c
subr_fattime.c
subr_filter.c kern: Fix two typos in source code comments 2022-04-02 14:15:27 +02:00
subr_firmware.c subr_firmware.c::unloadentry(): remote write-only variable 2021-10-21 21:40:46 +03:00
subr_gtaskqueue.c
subr_hash.c
subr_hints.c Optimize res_find(). 2021-08-08 21:54:49 -04:00
subr_intr.c intrng: track counter allocation with a bitmap 2023-02-14 14:06:00 -04:00
subr_kdb.c mac: kdb/ddb framework hooks 2022-07-18 22:06:13 +00:00
subr_kobj.c kobj: plug set-but-not-used vars 2021-12-14 14:52:25 +00:00
subr_lock.c locks: whack a failed experiment in form of restrict_starvation 2022-09-16 17:29:37 +00:00
subr_log.c Document kern.log_wakeups_per_second. 2021-08-04 11:50:34 -07:00
subr_mchain.c
subr_module.c sysctl debug.dump_modinfo should recognize font module 2021-01-08 09:24:49 +02:00
subr_msan.c atomic: Intercept atomic_(load|store)_bool for kernel sanitizers 2022-10-29 11:10:58 -04:00
subr_msgbuf.c msgbuf: Allow microsecond granularity timestamps 2022-05-07 09:32:22 -06:00
subr_param.c time(3): Optimize tvtohz() function. 2022-10-23 10:04:50 +02:00
subr_pcpu.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
subr_pctrie.c
subr_physmem.c kern: physmem: fix the format string again, i is a size_t 2023-02-20 23:39:38 -06:00
subr_pidctrl.c
subr_power.c
subr_prf.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
subr_prng.c
subr_prof.c AST: rework 2022-08-02 21:11:09 +03:00
subr_rangeset.c Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
subr_rman.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
subr_rtc.c
subr_sbuf.c sbuf(9): Microoptimize sbuf_put_byte() 2021-10-05 14:47:38 -04:00
subr_scanf.c
subr_sfbuf.c
subr_sglist.c sglist: Add sglist_append_single_mbuf(). 2021-05-25 16:59:18 -07:00
subr_sleepqueue.c sleepq_set_timeout_sbt(): correct comment to not talk about ticks 2022-08-20 20:33:17 +03:00
subr_smp.c subr_smp: Trim trailing whitespaces. 2023-01-29 16:18:17 +03:00
subr_smr.c
subr_stack.c
subr_stats.c rb_tree: reduce duplication in balancing code 2022-09-07 23:46:19 -05:00
subr_syscall.c Add a thread debugging flag TDB_BOUNDARY 2022-12-22 23:11:35 +02:00
subr_taskqueue.c LinuxKPI: Implement kthread_worker related functions 2022-05-17 15:10:20 +03:00
subr_terminal.c Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
subr_trap.c kern/subr_trap.c: cleanup no longer needed headers 2022-08-02 21:11:10 +03:00
subr_turnstile.c ddb: annotate some commands with DB_CMD_MEMSAFE 2022-07-18 22:06:09 +00:00
subr_uio.c
subr_unit.c unr: remove UNR64_LOCKED 2022-10-08 10:41:21 +00:00
subr_vmem.c vmem: disable debug.vmem_check by default 2021-09-02 18:28:45 +00:00
subr_witness.c Add tarfs, a filesystem backed by tarballs. 2023-02-02 18:19:29 +01:00
sys_capability.c fd: rename fget*_locked to fget*_noref 2022-02-22 18:53:43 +00:00
sys_eventfd.c struct kinfo_file changes needed for lsof to work using only usermode APIs` 2022-06-18 12:34:25 +03:00
sys_generic.c sockets: provide sousrsend() that does socket specific error handling 2022-12-14 10:02:44 -08:00
sys_getrandom.c
sys_pipe.c SPDX: Not BSD-4-Clause 2022-09-14 21:29:31 -06:00
sys_procdesc.c vfs: remove thread argument from VOP_STAT 2021-10-11 13:22:32 +00:00
sys_process.c ptrace(2): add PT_SC_REMOTE remote syscall request 2022-12-22 23:11:35 +02:00
sys_socket.c Unbreak the build when MAC is not defined 2022-12-14 17:39:25 -05:00
syscalls.c Regen 2021-12-09 02:49:10 +02:00
syscalls.master Allow posix_fadvise in capability mode 2022-04-14 15:11:21 -04:00
systrace_args.c Regen 2021-12-09 02:49:10 +02:00
sysv_ipc.c kern/sysv_ipc.c: use ANSI C function definition 2023-02-21 16:02:46 +02:00
sysv_msg.c Adjust function definitions in sysv_msg.c to avoid clang 15 warnings 2022-07-26 19:59:57 +02:00
sysv_sem.c sysv: ansify 2023-02-08 00:11:10 +00:00
sysv_shm.c Make SHMMAXPGS an unsigned long 2022-03-21 10:27:35 +00:00
tty_compat.c
tty_info.c tty: Default to printing kernel stack traceback only on INVARIANT kernels 2022-07-02 08:02:12 -06:00
tty_inq.c tty: Remove an incorrect assertion from ttyinq_line_iterate() 2022-04-12 17:30:04 -04:00
tty_outq.c Minor style cleanup 2021-04-18 11:14:17 -06:00
tty_pts.c sysent: Get rid of bogus sys/sysent.h include. 2022-05-28 20:52:17 +03:00
tty_tty.c Retire clone_drain_lock 2022-08-20 09:44:05 +00:00
tty_ttydisc.c
tty.c fd: rename fget*_locked to fget*_noref 2022-02-22 18:53:43 +00:00
uipc_accf.c Consistently use the SOLISTENING() macro 2021-06-14 17:32:27 -04:00
uipc_debug.c domains: use queue(9) SLIST for linked list of domains 2022-08-29 19:15:01 -07:00
uipc_domain.c protocols: make socket buffers ioctl handler changeable 2022-09-28 10:20:09 +00:00
uipc_ktls.c ktls: Fix comments & whitespace issues with c0e4090e3d 2023-02-09 14:11:24 -05:00
uipc_mbuf2.c mbuf_tags: use explicitly sized type for 'type' parameter 2021-12-29 09:23:52 +01:00
uipc_mbuf.c mbufs: isolate max_linkhdr and max_protohdr handling in the mbuf code 2022-08-29 19:14:25 -07:00
uipc_mbufhash.c
uipc_mqueue.c vfs: always retain path buffer after lookup 2022-09-17 09:10:38 +00:00
uipc_sem.c freebsd32: semid_t -> int32_t 2021-11-17 20:12:26 +00:00
uipc_shm.c shmfd: account for the actually allocated pages 2022-12-09 14:17:12 +02:00
uipc_sockbuf.c sockbufs: add sbreserve_locked_limit() with custom maxsockbuf limit. 2022-09-28 10:20:09 +00:00
uipc_socket.c tcp: Disallow re-connection of a connected socket 2023-02-14 10:07:19 -05:00
uipc_syscalls.c uipc: ansify 2023-02-13 18:20:29 +00:00
uipc_usrreq.c Revert "unix/dgram: return EAGAIN instead of ENOBUFS when O_NONBLOCK set" 2023-02-21 08:50:07 -08:00
vfs_acl.c vfs: stop using NDFREE 2022-12-19 08:07:23 +00:00
vfs_aio.c aio: Fix more synchronization issues in aio_biowakeup. 2023-02-15 13:32:52 -08:00
vfs_bio.c allocbuf(): convert direct panic() calls to KASSERT()s 2023-02-14 00:28:42 +02:00
vfs_cache.c vfs cache: whack set-but-not-used warn in cache_purgevfs 2023-02-21 13:48:35 +00:00
vfs_cluster.c cluster_write(): do not access buffer after it is released 2021-09-02 21:36:33 +03:00
vfs_default.c vfs: ansify 2023-02-07 23:03:20 +00:00
vfs_export.c vfs_export: Add mnt_exjail to control exports done in prisons 2023-02-21 13:00:42 -08:00
vfs_extattr.c vfs: stop using NDFREE 2022-12-19 08:07:23 +00:00
vfs_hash.c vfs_hash_rehash(): require the vnode to be exclusively locked 2021-08-27 18:39:45 +03:00
vfs_init.c Fix O(n^2) behavior in sysctl 2022-09-26 18:03:34 -06:00
vfs_lookup.c vfs: add the concept of vnode state transitions 2022-12-26 17:35:12 +00:00
vfs_mount.c vfs_export: Add mnt_exjail to control exports done in prisons 2023-02-21 13:00:42 -08:00
vfs_mountroot.c ufs/ffs: detect endian mismatch between machine and filesystem 2022-12-20 00:20:11 -03:00
vfs_subr.c Use maybe_yield() in a few more places 2023-02-09 11:58:06 -04:00
vfs_syscalls.c vfs: stop using SAVESTART for rename 2022-12-19 08:09:37 +00:00
vfs_vnops.c FIOSEEKHOLE/FIOSEEKDATA: correct consistency for bmap-based implementation 2023-02-04 20:32:07 +02:00
vnode_if.src vnode(9): Fix a typo in a source code comment 2022-08-07 16:08:43 +02:00