| #
dfabf3ef |
| 04-Feb-2024 |
Mark Johnston <markj@FreeBSD.org> |
libjail: Guard against programmer error in jailparam_export()
If the caller didn't use jailparam_import() to fetch the parameter
value, an attempt to export it will trigger a segfault. Make it a bi
libjail: Guard against programmer error in jailparam_export()
If the caller didn't use jailparam_import() to fetch the parameter
value, an attempt to export it will trigger a segfault. Make it a bit
easier to figure out what's happening in this situation.
PR: 276809
Reviewed by: jamie
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43732
show more ...
|
| #
a2f733ab |
| 24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
lib: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remov
lib: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
show more ...
|
|
Revision tags: release/14.0.0 |
|
| #
1d386b48 |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
| #
4d846d26 |
| 10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
show more ...
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0, release/12.3.0, release/13.0.0, release/12.2.0, release/11.4.0 |
|
| #
accd6aa2 |
| 07-Jan-2020 |
Mark Johnston <markj@FreeBSD.org> |
libjail: Handle an error from reallocarray() when trimming the buffer.
There is no API guarantee that realloc() will not fail when the buffer
is shrinking. Handle it by simply returning the untrimm
libjail: Handle an error from reallocarray() when trimming the buffer.
There is no API guarantee that realloc() will not fail when the buffer
is shrinking. Handle it by simply returning the untrimmed buffer.
While this is unlikely to ever happen in practice, it seems worth
handling just to silence static analyzer warnings.
PR: 243106
Submitted by: Hans Christian Woithe <chwoithe@yahoo.com>
MFC after: 1 week
show more ...
|
|
Revision tags: release/12.1.0, release/11.3.0 |
|
| #
7f49ce7a |
| 28-Jun-2019 |
Alan Somers <asomers@FreeBSD.org> |
MFHead @349476
Sponsored by: The FreeBSD Foundation
|
| #
6ab631e8 |
| 22-Jun-2019 |
Devin Teske <dteske@FreeBSD.org> |
`libjail/jail.c' includes both <sys/param.h> and <sys/types.h>
Latter is undesired when including <sys/param.h> according to style(9)
Submitted by: Faraz Vahedi
Reviewed by: cem
Differential Revisi
`libjail/jail.c' includes both <sys/param.h> and <sys/types.h>
Latter is undesired when including <sys/param.h> according to style(9)
Submitted by: Faraz Vahedi
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D20637
show more ...
|
| #
f9856d08 |
| 21-Mar-2019 |
Alan Somers <asomers@FreeBSD.org> |
MFHead @345353
|
| #
123af6ec |
| 20-Mar-2019 |
Alan Somers <asomers@FreeBSD.org> |
Rename fuse(4) to fusefs(4)
This makes it more consistent with other filesystems, which all end in "fs",
and more consistent with its mount helper, which is already named
"mount_fusefs".
Reviewed b
Rename fuse(4) to fusefs(4)
This makes it more consistent with other filesystems, which all end in "fs",
and more consistent with its mount helper, which is already named
"mount_fusefs".
Reviewed by: cem, rgrimes
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19649
show more ...
|
|
Revision tags: release/12.0.0 |
|
| #
9b5cb2f6 |
| 12-Nov-2018 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r340235 through r340367.
|
| #
98f8234b |
| 10-Nov-2018 |
Alan Somers <asomers@FreeBSD.org> |
libjail: fix handling of allow.mount.fusefs in jailparam_init
fusefs is inconsistently named. The kernel module is named "fuse", but the
mount helper is named "mount_fusefs" and the jail(8) paramete
libjail: fix handling of allow.mount.fusefs in jailparam_init
fusefs is inconsistently named. The kernel module is named "fuse", but the
mount helper is named "mount_fusefs" and the jail(8) parameter is named
"allow.mount.fusefs". Special case it in libjail.
Reviewed by: jamie
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D17929
show more ...
|
|
Revision tags: release/11.2.0 |
|
| #
0e5c6bd4 |
| 04-May-2018 |
Jamie Gritton <jamie@FreeBSD.org> |
Make it easier for filesystems to count themselves as jail-enabled,
by doing most of the work in a new function prison_add_vfs in kern_jail.c
Now a jail-enabled filesystem need only mark itself with
Make it easier for filesystems to count themselves as jail-enabled,
by doing most of the work in a new function prison_add_vfs in kern_jail.c
Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and
the rest is taken care of. This includes adding a jail parameter like
allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed.
Both of these used to be a static list of known filesystems, with
predefined permission bits.
Reviewed by: kib
Differential Revision: D14681
show more ...
|
| #
f047b921 |
| 22-Mar-2018 |
Jamie Gritton <jamie@FreeBSD.org> |
If a jail parameter isn't found, try loading a related kernel module.
|
| #
5e53a4f9 |
| 26-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
lib: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
pr
lib: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
show more ...
|
|
Revision tags: release/10.4.0, release/11.1.0 |
|
| #
554491ff |
| 20-Apr-2017 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r316992 through r317215.
|
| #
6fd94039 |
| 16-Apr-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
libjail: make allocation in jailparam_all() somewhat more robust.
Unsign some variables involved in allocation as they will never be
negative anyways. Provide some bounds checking through reallocarr
libjail: make allocation in jailparam_all() somewhat more robust.
Unsign some variables involved in allocation as they will never be
negative anyways. Provide some bounds checking through reallocarray(3).
This is all very unlikely to have any visible effect.
Reviewed by: jamie
MFC after: 3 weeks
show more ...
|
| #
242b2482 |
| 09-Oct-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r306412 through r306905.
|
| #
e5edb779 |
| 02-Oct-2016 |
Ruslan Bukin <br@FreeBSD.org> |
Fix libjail reached latest sysctl entry.
Reviewed by: jamie
Sponsored by: DARPA, AFRL
Sponsored by: HEIF5
Differential Revision: https://reviews.freebsd.org/D8096
|
|
Revision tags: release/11.0.1, release/11.0.0, release/10.3.0, release/10.2.0 |
|
| #
98e0ffae |
| 27-May-2015 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Merge sync of head
|
| #
d899be7d |
| 19-Jan-2015 |
Glen Barber <gjb@FreeBSD.org> |
Reintegrate head: r274132-r277384
Sponsored by: The FreeBSD Foundation
|
| #
8f0ea33f |
| 13-Jan-2015 |
Glen Barber <gjb@FreeBSD.org> |
Reintegrate head revisions r273096-r277147
Sponsored by: The FreeBSD Foundation
|
| #
840e7092 |
| 29-Nov-2014 |
Enji Cooper <ngie@FreeBSD.org> |
MFHead @ r275232
|
| #
2c97f721 |
| 25-Nov-2014 |
Dimitry Andric <dim@FreeBSD.org> |
r274961 through r275075
|
| #
d031802b |
| 25-Nov-2014 |
Jamie Gritton <jamie@FreeBSD.org> |
In preparation for using clang's -Wcast-qual:
Use __DECONST (instead of my own attempted re-invention) for the iov
parameters to jail_get/set(2). Similarly remove the decost-ish hack
from execvp's
In preparation for using clang's -Wcast-qual:
Use __DECONST (instead of my own attempted re-invention) for the iov
parameters to jail_get/set(2). Similarly remove the decost-ish hack
from execvp's argv, except the __DECONST is only added at very end.
While I'm at it, remove an unused variable and fix a comment typo.
show more ...
|
|
Revision tags: release/10.1.0, release/9.3.0, release/10.0.0, release/9.2.0 |
|
| #
cfe30d02 |
| 19-Jun-2013 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Merge fresh head.
|