MAC/do: Fix double-free on parse error after "executable paths" feature

parse_rules() has been calling toast_rules() in case of a parse error in
order to deallocate the 'struct rule' objects it has

MAC/do: Fix double-free on parse error after "executable paths" feature

parse_rules() has been calling toast_rules() in case of a parse error in
order to deallocate the 'struct rule' objects it has constructed up to
that point.

toast_rules() would take a pointer to a full 'struct rules' object, and
besides freeing all 'struct rule' referenced by it, would also free the
holding 'struct rules' itself.

With the introduction of the "executable paths" feature, and the
embedding of 'struct rules' into 'struct conf', meaning that the
lifecycle for 'struct rules' was no longer independent, toast_rules()
was changed not to free the passed 'struct rules' (as it was a field of
a 'struct conf' object). Unfortunately, this change was not completed
with a reinitialization of the rules list head, so the 'struct conf'
object would continue to reference just-freed rules, which then would be
freed a second time on destruction of that container.

So, make toast_rules() re-initialize the rules list in 'struct rules',
which it logically has been having to do since not freeing the enclosing
'struct rules'. This alone is enough to fix the bug, but let's use the
occasion to change the contract of parse_rules() and bring its herald
comment up-to-date: On error, parse_rules() now simply leaves already
constructed 'struct rule' objects in 'conf'. The latter is eventually
destroyed and the rule objects reclaimed at that point.

Add a test trying to set an invalid rules configuration with the first
rule being valid and the second being invalid, which triggers the bug
(and an immediate panic() on an INVARIANTS kernel).

Reported by: impost0r(ret2plt) <impostor@ret2p.lt>
Reviewed by: markj
Fixes: 9818224174c4 ("MAC/do: Executable paths feature (GSoC 2025's final state)")
Sponsored by: The FreeBSD Foundation

show more ...

MAC/do: Add consistency tests

Test that:
1. Concurrent changes to different parameters on the same jail are
independent/atomic.
2. Inheritance works.
3. Relaxing only parent jail rules does not l

MAC/do: Add consistency tests

Test that:
1. Concurrent changes to different parameters on the same jail are
independent/atomic.
2. Inheritance works.
3. Relaxing only parent jail rules does not leak to a subjail thanks to
sequential consistency.
4. Sysctl knobs and jail parameters stay consistent.

Some of these tests may be extended in the future with several layers of
jails (there is only a single subjail currently).

Reviewed by: bapt
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38

show more ...

MAC/do: Tests: Add support for exec paths, jail parameters, subjails

And also allow configuration of the mdo(1) executable path.

This commit only contains new or modified infrastructure. No functi

MAC/do: Tests: Add support for exec paths, jail parameters, subjails

And also allow configuration of the mdo(1) executable path.

This commit only contains new or modified infrastructure. No functional
change intended at this point.

Reviewed by: bapt
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38

show more ...

MAC/do: Tests: Quote the source directory

In a standard test suite installation, this is not necessary, but be
bullet-proof to custom ones, however improbable.

Reviewed by: bapt
MFC after:

MAC/do: Tests: Quote the source directory

In a standard test suite installation, this is not necessary, but be
bullet-proof to custom ones, however improbable.

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38

show more ...

MAC/do: Tests: Declare required programs closer to use

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pull

MAC/do: Tests: Declare required programs closer to use

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38

show more ...

MAC/do: Tests: Fix copyrights

No comma needed after a single year. Add SPDX.

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.free

MAC/do: Tests: Fix copyrights

No comma needed after a single year. Add SPDX.

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38

show more ...

MAC/do: Tests: Remove shebang lines

They are automatically added by <bsd.test.mk>.

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev

MAC/do: Tests: Remove shebang lines

They are automatically added by <bsd.test.mk>.

Reviewed by: bapt
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38

show more ...

MAC/do: Add basic tests on setting rules

MFC after: 1 minute
Sponsored by: The FreeBSD Foundation