1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-20 11:11:24 +00:00
freebsd/sys/net
Robert Watson 91421ba234 o Move per-process jail pointer (p->pr_prison) to inside of the subject
credential structure, ucred (cr->cr_prison).
o Allow jail inheritence to be a function of credential inheritence.
o Abstract prison structure reference counting behind pr_hold() and
  pr_free(), invoked by the similarly named credential reference
  management functions, removing this code from per-ABI fork/exit code.
o Modify various jail() functions to use struct ucred arguments instead
  of struct proc arguments.
o Introduce jailed() function to determine if a credential is jailed,
  rather than directly checking pointers all over the place.
o Convert PRISON_CHECK() macro to prison_check() function.
o Move jail() function prototypes to jail.h.
o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the
  flag in the process flags field itself.
o Eliminate that "const" qualifier from suser/p_can/etc to reflect
  mutex use.

Notes:

o Some further cleanup of the linux/jail code is still required.
o It's now possible to consider resolving some of the process vs
  credential based permission checking confusion in the socket code.
o Mutex protection of struct prison is still not present, and is
  required to protect the reference count plus some fields in the
  structure.

Reviewed by:	freebsd-arch
Obtained from:	TrustedBSD Project
2001-02-21 06:39:57 +00:00
..
bpf_compat.h Small fix for bpf compat: 2000-12-27 22:20:13 +00:00
bpf_filter.c
bpf.c o Remove unnecessary jail() check in bpfopen() -- we limit device access 2001-02-21 05:34:34 +00:00
bpf.h
bpfdesc.h Add mutexes to the entire bpf subsystem to make it MPSAFE. 2001-02-16 17:10:28 +00:00
bridge.c Sync with the bridge/dummynet/ipfw code already tested in stable. 2001-02-10 00:10:18 +00:00
bridge.h MFS: bridge/ipfw/dummynet fixes (bridge.c will be committed separately) 2001-02-02 00:18:00 +00:00
bsd_comp.c
ethernet.h
fddi.h
hostcache.c Use <sys/queue.h> macro api rather than fondle its implementation detals. 2001-02-03 11:46:35 +00:00
hostcache.h
if_arp.h
if_atm.h
if_atmsubr.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
if_disc.c Exterminate the use of PSEUDO_SET() with extreme prejudice. 2001-01-31 07:58:58 +00:00
if_dl.h
if_ef.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
if_ethersubr.c Insert entropy harvesting calls for network traffic. By 2001-02-18 17:54:52 +00:00
if_faith.c Pull the rug from under the 'LKM Compatability' macro - PSEUDO_SET(). 2001-02-04 11:46:17 +00:00
if_fddisubr.c Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
if_gif.c * Rename M_WAIT mbuf subsystem flag to M_TRYWAIT. 2000-12-21 21:44:31 +00:00
if_gif.h
if_ieee80211.h
if_iso88025subr.c Lock down the network interface queues. The queue mutex must be obtained 2000-11-25 07:35:38 +00:00
if_llc.h
if_loop.c Exterminate the use of PSEUDO_SET() with extreme prejudice. 2001-01-31 07:58:58 +00:00
if_media.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
if_media.h
if_mib.c
if_mib.h
if_ppp.c Quieten gcc. 2001-01-31 08:27:09 +00:00
if_ppp.h
if_pppvar.h
if_sl.c Exterminate the use of PSEUDO_SET() with extreme prejudice. 2001-01-31 07:58:58 +00:00
if_slvar.h
if_sppp.h
if_spppsubr.c Use <sys/queue.h> macro api rather than fondle its implementation detals. 2001-02-03 11:46:35 +00:00
if_stf.c Use <sys/queue.h> macro api rather than fondle its implementation detals. 2001-02-03 11:46:35 +00:00
if_stf.h
if_tap.c Pass the minor number rather than the unit number to make_dev() 2001-02-02 03:32:25 +00:00
if_tap.h
if_tapvar.h
if_tun.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
if_tun.h
if_tunvar.h
if_types.h
if_var.h Change and clean the mutex lock interface. 2001-02-09 06:11:45 +00:00
if_vlan_var.h
if_vlan.c Fix another typo I missed on first reading: 2001-02-14 13:24:01 +00:00
if.c o Move per-process jail pointer (p->pr_prison) to inside of the subject 2001-02-21 06:39:57 +00:00
if.h o Move per-process jail pointer (p->pr_prison) to inside of the subject 2001-02-21 06:39:57 +00:00
intrq.c Insert entropy harvesting calls for network traffic. By 2001-02-18 17:54:52 +00:00
intrq.h
iso88025.h
net_osdep.c
net_osdep.h Pull the rug from under the 'LKM Compatability' macro - PSEUDO_SET(). 2001-02-04 11:46:17 +00:00
netisr.h Remove the last of the MD netisr code. It is now all MI. Remove 2000-12-05 00:36:00 +00:00
pfil.c Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
pfil.h
pfkeyv2.h
ppp_comp.h
ppp_deflate.c
ppp_defs.h
ppp_tty.c * Rename M_WAIT mbuf subsystem flag to M_TRYWAIT. 2000-12-21 21:44:31 +00:00
radix.c
radix.h
raw_cb.c
raw_cb.h
raw_usrreq.c
route.c
route.h
rtsock.c o Move per-process jail pointer (p->pr_prison) to inside of the subject 2001-02-21 06:39:57 +00:00
slcompress.c
slcompress.h
slip.h
zlib.c
zlib.h