1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2025 James Gritton. 5 * All rights reserved. 6 * 7 * This software was developed at the University of Cambridge Computer 8 * Laboratory with support from a grant from Google, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifndef _SYS_JAILDESC_H_ 33 #define _SYS_JAILDESC_H_ 34 35 #ifdef _KERNEL 36 37 #include <sys/queue.h> 38 #include <sys/_lock.h> 39 #include <sys/_mutex.h> 40 #include <sys/_types.h> 41 42 struct prison; 43 44 /*- 45 * struct jaildesc describes a jail descriptor, which points to a struct 46 * prison. struct prison in turn has a linked list of struct jaildesc. 47 * 48 * Locking key: 49 * (c) set on creation, remains unchanged 50 * (d) jd_lock 51 * (p) jd_prison->pr_mtx 52 */ 53 struct jaildesc { 54 LIST_ENTRY(jaildesc) jd_list; /* (d,p) this prison's descs */ 55 struct prison *jd_prison; /* (d) the prison */ 56 struct mtx jd_lock; 57 uid_t jd_uid; /* (d) nominal file owner */ 58 gid_t jd_gid; /* (d) nominal file group */ 59 mode_t jd_mode; /* (d) descriptor permissions */ 60 unsigned jd_flags; /* (d) JDF_* flags */ 61 }; 62 63 /* 64 * Locking macros for the jaildesc. 65 */ 66 #define JAILDESC_LOCK_DESTROY(jd) mtx_destroy(&(jd)->jd_lock) 67 #define JAILDESC_LOCK_INIT(jd) mtx_init(&(jd)->jd_lock, "jaildesc", \ 68 NULL, MTX_DEF) 69 #define JAILDESC_LOCK(jd) mtx_lock(&(jd)->jd_lock) 70 #define JAILDESC_UNLOCK(jd) mtx_unlock(&(jd)->jd_lock) 71 72 /* 73 * Flags for the jd_flags field 74 */ 75 #define JDF_REMOVED 0x00000002 /* jail was removed */ 76 77 int jaildesc_find(struct thread *td, int fd, struct jaildesc **jdp, 78 struct prison **prp, struct ucred **ucredp); 79 int jaildesc_alloc(struct thread *td, struct file **fpp, int *fdp, int owning); 80 void jaildesc_set_prison(struct file *jd, struct prison *pr); 81 void jaildesc_prison_cleanup(struct prison *pr); 82 83 #endif /* _KERNEL */ 84 85 #endif /* !_SYS_JAILDESC_H_ */ 86