1c6dfea0eSMarcel Moolenaar /*- 20ba1b365SEd Maste * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 37f2d13d6SPedro F. Giffuni * 4c6dfea0eSMarcel Moolenaar * Copyright (c) 1999 Marcel Moolenaar 5c6dfea0eSMarcel Moolenaar * All rights reserved. 6c6dfea0eSMarcel Moolenaar * 7c6dfea0eSMarcel Moolenaar * Redistribution and use in source and binary forms, with or without 8c6dfea0eSMarcel Moolenaar * modification, are permitted provided that the following conditions 9c6dfea0eSMarcel Moolenaar * are met: 10c6dfea0eSMarcel Moolenaar * 1. Redistributions of source code must retain the above copyright 110ba1b365SEd Maste * notice, this list of conditions and the following disclaimer. 12c6dfea0eSMarcel Moolenaar * 2. Redistributions in binary form must reproduce the above copyright 13c6dfea0eSMarcel Moolenaar * notice, this list of conditions and the following disclaimer in the 14c6dfea0eSMarcel Moolenaar * documentation and/or other materials provided with the distribution. 15c6dfea0eSMarcel Moolenaar * 160ba1b365SEd Maste * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 170ba1b365SEd Maste * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 180ba1b365SEd Maste * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 190ba1b365SEd Maste * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 200ba1b365SEd Maste * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 210ba1b365SEd Maste * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 220ba1b365SEd Maste * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 230ba1b365SEd Maste * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 240ba1b365SEd Maste * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 250ba1b365SEd Maste * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 260ba1b365SEd Maste * SUCH DAMAGE. 27c6dfea0eSMarcel Moolenaar */ 28c6dfea0eSMarcel Moolenaar 2916dbc7f2SDavid E. O'Brien #include <sys/cdefs.h> 3016dbc7f2SDavid E. O'Brien __FBSDID("$FreeBSD$"); 3116dbc7f2SDavid E. O'Brien 32c6dfea0eSMarcel Moolenaar #include <sys/param.h> 33c6dfea0eSMarcel Moolenaar #include <sys/kernel.h> 3419e252baSAlexander Leidinger #include <sys/sdt.h> 35c6dfea0eSMarcel Moolenaar #include <sys/systm.h> 36c6dfea0eSMarcel Moolenaar #include <sys/sysctl.h> 37c6dfea0eSMarcel Moolenaar #include <sys/proc.h> 38c6dfea0eSMarcel Moolenaar #include <sys/malloc.h> 397ae27ff4SJamie Gritton #include <sys/mount.h> 40c6dfea0eSMarcel Moolenaar #include <sys/jail.h> 4101137630SRobert Watson #include <sys/lock.h> 427ae27ff4SJamie Gritton #include <sys/sx.h> 43c6dfea0eSMarcel Moolenaar 44607d46efSMarcel Moolenaar #include <compat/linux/linux_mib.h> 45d825ce0aSJohn Baldwin #include <compat/linux/linux_misc.h> 46c6dfea0eSMarcel Moolenaar 47c6dfea0eSMarcel Moolenaar struct linux_prison { 48c6dfea0eSMarcel Moolenaar char pr_osname[LINUX_MAX_UTSNAME]; 49c6dfea0eSMarcel Moolenaar char pr_osrelease[LINUX_MAX_UTSNAME]; 50c6dfea0eSMarcel Moolenaar int pr_oss_version; 51580dd797SDmitry Chagin int pr_osrel; 52c6dfea0eSMarcel Moolenaar }; 53c6dfea0eSMarcel Moolenaar 540304c731SJamie Gritton static struct linux_prison lprison0 = { 550304c731SJamie Gritton .pr_osname = "Linux", 56a6326909SDmitry Chagin .pr_osrelease = LINUX_VERSION_STR, 570304c731SJamie Gritton .pr_oss_version = 0x030600, 58a6326909SDmitry Chagin .pr_osrel = LINUX_VERSION_CODE 590304c731SJamie Gritton }; 600304c731SJamie Gritton 617ae27ff4SJamie Gritton static unsigned linux_osd_jail_slot; 627ae27ff4SJamie Gritton 637029da5cSPawel Biernacki SYSCTL_NODE(_compat, OID_AUTO, linux, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 647029da5cSPawel Biernacki "Linux mode"); 65c6dfea0eSMarcel Moolenaar 668ec6c4a3SAlexander Leidinger int linux_debug = 3; 67462171d9SEdward Tomasz Napierala SYSCTL_INT(_compat_linux, OID_AUTO, debug, CTLFLAG_RWTUN, 68462171d9SEdward Tomasz Napierala &linux_debug, 0, "Log warnings from linux(4); or 0 to disable"); 69462171d9SEdward Tomasz Napierala 708c5059e9SEdward Tomasz Napierala int linux_default_openfiles = 1024; 718c5059e9SEdward Tomasz Napierala SYSCTL_INT(_compat_linux, OID_AUTO, default_openfiles, CTLFLAG_RWTUN, 728c5059e9SEdward Tomasz Napierala &linux_default_openfiles, 0, 738c5059e9SEdward Tomasz Napierala "Default soft openfiles resource limit, or -1 for unlimited"); 748c5059e9SEdward Tomasz Napierala 751c34dcb5SEdward Tomasz Napierala int linux_default_stacksize = 8 * 1024 * 1024; 761c34dcb5SEdward Tomasz Napierala SYSCTL_INT(_compat_linux, OID_AUTO, default_stacksize, CTLFLAG_RWTUN, 771c34dcb5SEdward Tomasz Napierala &linux_default_stacksize, 0, 781c34dcb5SEdward Tomasz Napierala "Default soft stack size resource limit, or -1 for unlimited"); 791c34dcb5SEdward Tomasz Napierala 8054669eb7SEdward Tomasz Napierala int linux_dummy_rlimits = 0; 8154669eb7SEdward Tomasz Napierala SYSCTL_INT(_compat_linux, OID_AUTO, dummy_rlimits, CTLFLAG_RWTUN, 8254669eb7SEdward Tomasz Napierala &linux_dummy_rlimits, 0, 8354669eb7SEdward Tomasz Napierala "Return dummy values for unsupported Linux-specific rlimits"); 8454669eb7SEdward Tomasz Napierala 85da6d8ae6SEdward Tomasz Napierala int linux_ignore_ip_recverr = 1; 86da6d8ae6SEdward Tomasz Napierala SYSCTL_INT(_compat_linux, OID_AUTO, ignore_ip_recverr, CTLFLAG_RWTUN, 87da6d8ae6SEdward Tomasz Napierala &linux_ignore_ip_recverr, 0, "Ignore enabling IP_RECVERR"); 88da6d8ae6SEdward Tomasz Napierala 892cf9eb6cSEdward Tomasz Napierala int linux_preserve_vstatus = 0; 902cf9eb6cSEdward Tomasz Napierala SYSCTL_INT(_compat_linux, OID_AUTO, preserve_vstatus, CTLFLAG_RWTUN, 912cf9eb6cSEdward Tomasz Napierala &linux_preserve_vstatus, 0, "Preserve VSTATUS termios(4) flag"); 922cf9eb6cSEdward Tomasz Napierala 93b4147bf6STijl Coosemans bool linux_map_sched_prio = true; 94b4147bf6STijl Coosemans SYSCTL_BOOL(_compat_linux, OID_AUTO, map_sched_prio, CTLFLAG_RDTUN, 95b4147bf6STijl Coosemans &linux_map_sched_prio, 0, "Map scheduler priorities to Linux priorities " 96b4147bf6STijl Coosemans "(not POSIX compliant)"); 97b4147bf6STijl Coosemans 98a125ed50SMateusz Guzik int linux_use_emul_path = 1; 99a125ed50SMateusz Guzik SYSCTL_INT(_compat_linux, OID_AUTO, use_emul_path, CTLFLAG_RWTUN, 100a125ed50SMateusz Guzik &linux_use_emul_path, 0, "Use linux.compat.emul_path"); 101a125ed50SMateusz Guzik 102598f6fb4SKonstantin Belousov static bool linux_setid_allowed = true; 103598f6fb4SKonstantin Belousov SYSCTL_BOOL(_compat_linux, OID_AUTO, setid_allowed, CTLFLAG_RWTUN, 104598f6fb4SKonstantin Belousov &linux_setid_allowed, 0, 105598f6fb4SKonstantin Belousov "Allow setuid/setgid on execve of Linux binary"); 106598f6fb4SKonstantin Belousov 107*62b8258aSKonstantin Belousov int 108598f6fb4SKonstantin Belousov linux_setid_allowed_query(struct thread *td __unused, 109598f6fb4SKonstantin Belousov struct image_params *imgp __unused) 110598f6fb4SKonstantin Belousov { 111598f6fb4SKonstantin Belousov return (linux_setid_allowed); 112598f6fb4SKonstantin Belousov } 113598f6fb4SKonstantin Belousov 1140d7b5e54SAlexander Leidinger static int linux_set_osname(struct thread *td, char *osname); 1150d7b5e54SAlexander Leidinger static int linux_set_osrelease(struct thread *td, char *osrelease); 1160d7b5e54SAlexander Leidinger static int linux_set_oss_version(struct thread *td, int oss_version); 1170d7b5e54SAlexander Leidinger 118c6dfea0eSMarcel Moolenaar static int 11982d9ae4eSPoul-Henning Kamp linux_sysctl_osname(SYSCTL_HANDLER_ARGS) 120c6dfea0eSMarcel Moolenaar { 121c6dfea0eSMarcel Moolenaar char osname[LINUX_MAX_UTSNAME]; 122c6dfea0eSMarcel Moolenaar int error; 123c6dfea0eSMarcel Moolenaar 124b62f75cfSJohn Baldwin linux_get_osname(req->td, osname); 125c6dfea0eSMarcel Moolenaar error = sysctl_handle_string(oidp, osname, LINUX_MAX_UTSNAME, req); 12667d39748SDmitry Chagin if (error != 0 || req->newptr == NULL) 127c6dfea0eSMarcel Moolenaar return (error); 128b62f75cfSJohn Baldwin error = linux_set_osname(req->td, osname); 12919e252baSAlexander Leidinger 130c6dfea0eSMarcel Moolenaar return (error); 131c6dfea0eSMarcel Moolenaar } 132c6dfea0eSMarcel Moolenaar 133c6dfea0eSMarcel Moolenaar SYSCTL_PROC(_compat_linux, OID_AUTO, osname, 13484a8cad0SJamie Gritton CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 135c6dfea0eSMarcel Moolenaar 0, 0, linux_sysctl_osname, "A", 136c6dfea0eSMarcel Moolenaar "Linux kernel OS name"); 137c6dfea0eSMarcel Moolenaar 138c6dfea0eSMarcel Moolenaar static int 13982d9ae4eSPoul-Henning Kamp linux_sysctl_osrelease(SYSCTL_HANDLER_ARGS) 140c6dfea0eSMarcel Moolenaar { 141c6dfea0eSMarcel Moolenaar char osrelease[LINUX_MAX_UTSNAME]; 142c6dfea0eSMarcel Moolenaar int error; 143c6dfea0eSMarcel Moolenaar 144b62f75cfSJohn Baldwin linux_get_osrelease(req->td, osrelease); 145c6dfea0eSMarcel Moolenaar error = sysctl_handle_string(oidp, osrelease, LINUX_MAX_UTSNAME, req); 14667d39748SDmitry Chagin if (error != 0 || req->newptr == NULL) 147c6dfea0eSMarcel Moolenaar return (error); 148b62f75cfSJohn Baldwin error = linux_set_osrelease(req->td, osrelease); 14919e252baSAlexander Leidinger 150c6dfea0eSMarcel Moolenaar return (error); 151c6dfea0eSMarcel Moolenaar } 152c6dfea0eSMarcel Moolenaar 153c6dfea0eSMarcel Moolenaar SYSCTL_PROC(_compat_linux, OID_AUTO, osrelease, 15484a8cad0SJamie Gritton CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 155c6dfea0eSMarcel Moolenaar 0, 0, linux_sysctl_osrelease, "A", 156c6dfea0eSMarcel Moolenaar "Linux kernel OS release"); 157c6dfea0eSMarcel Moolenaar 158c6dfea0eSMarcel Moolenaar static int 15982d9ae4eSPoul-Henning Kamp linux_sysctl_oss_version(SYSCTL_HANDLER_ARGS) 160c6dfea0eSMarcel Moolenaar { 161c6dfea0eSMarcel Moolenaar int oss_version; 162c6dfea0eSMarcel Moolenaar int error; 163c6dfea0eSMarcel Moolenaar 164b62f75cfSJohn Baldwin oss_version = linux_get_oss_version(req->td); 165c6dfea0eSMarcel Moolenaar error = sysctl_handle_int(oidp, &oss_version, 0, req); 16667d39748SDmitry Chagin if (error != 0 || req->newptr == NULL) 167c6dfea0eSMarcel Moolenaar return (error); 168b62f75cfSJohn Baldwin error = linux_set_oss_version(req->td, oss_version); 16919e252baSAlexander Leidinger 170c6dfea0eSMarcel Moolenaar return (error); 171c6dfea0eSMarcel Moolenaar } 172c6dfea0eSMarcel Moolenaar 173c6dfea0eSMarcel Moolenaar SYSCTL_PROC(_compat_linux, OID_AUTO, oss_version, 17484a8cad0SJamie Gritton CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 175c6dfea0eSMarcel Moolenaar 0, 0, linux_sysctl_oss_version, "I", 176c6dfea0eSMarcel Moolenaar "Linux OSS version"); 177c6dfea0eSMarcel Moolenaar 17801137630SRobert Watson /* 179580dd797SDmitry Chagin * Map the osrelease into integer 180580dd797SDmitry Chagin */ 181580dd797SDmitry Chagin static int 182580dd797SDmitry Chagin linux_map_osrel(char *osrelease, int *osrel) 183580dd797SDmitry Chagin { 184580dd797SDmitry Chagin char *sep, *eosrelease; 185580dd797SDmitry Chagin int len, v0, v1, v2, v; 186580dd797SDmitry Chagin 187580dd797SDmitry Chagin len = strlen(osrelease); 188580dd797SDmitry Chagin eosrelease = osrelease + len; 189580dd797SDmitry Chagin v0 = strtol(osrelease, &sep, 10); 19067d39748SDmitry Chagin if (osrelease == sep || sep + 1 >= eosrelease || *sep != '.') 191580dd797SDmitry Chagin return (EINVAL); 192580dd797SDmitry Chagin osrelease = sep + 1; 193580dd797SDmitry Chagin v1 = strtol(osrelease, &sep, 10); 19467d39748SDmitry Chagin if (osrelease == sep || sep + 1 >= eosrelease || *sep != '.') 195580dd797SDmitry Chagin return (EINVAL); 196580dd797SDmitry Chagin osrelease = sep + 1; 197580dd797SDmitry Chagin v2 = strtol(osrelease, &sep, 10); 1987a8cbc52SEdward Tomasz Napierala if (osrelease == sep || 1997a8cbc52SEdward Tomasz Napierala (sep != eosrelease && (sep + 1 >= eosrelease || *sep != '-'))) 200580dd797SDmitry Chagin return (EINVAL); 201580dd797SDmitry Chagin 20235755049SChuck Tuffli v = LINUX_KERNVER(v0, v1, v2); 20335755049SChuck Tuffli if (v < LINUX_KERNVER(1, 0, 0)) 204580dd797SDmitry Chagin return (EINVAL); 205580dd797SDmitry Chagin 206d56cf22dSJamie Gritton if (osrel != NULL) 207580dd797SDmitry Chagin *osrel = v; 20819e252baSAlexander Leidinger 209580dd797SDmitry Chagin return (0); 210580dd797SDmitry Chagin } 211580dd797SDmitry Chagin 212580dd797SDmitry Chagin /* 2130304c731SJamie Gritton * Find a prison with Linux info. 2140304c731SJamie Gritton * Return the Linux info and the (locked) prison. 21501137630SRobert Watson */ 2167ae27ff4SJamie Gritton static struct linux_prison * 2170304c731SJamie Gritton linux_find_prison(struct prison *spr, struct prison **prp) 218c6dfea0eSMarcel Moolenaar { 2197ae27ff4SJamie Gritton struct prison *pr; 2207ae27ff4SJamie Gritton struct linux_prison *lpr; 221c6dfea0eSMarcel Moolenaar 2220304c731SJamie Gritton for (pr = spr;; pr = pr->pr_parent) { 223b62f75cfSJohn Baldwin mtx_lock(&pr->pr_mtx); 2240304c731SJamie Gritton lpr = (pr == &prison0) 2250304c731SJamie Gritton ? &lprison0 2260304c731SJamie Gritton : osd_jail_get(pr, linux_osd_jail_slot); 2270304c731SJamie Gritton if (lpr != NULL) 2280304c731SJamie Gritton break; 2297ae27ff4SJamie Gritton mtx_unlock(&pr->pr_mtx); 2300304c731SJamie Gritton } 2310304c731SJamie Gritton *prp = pr; 23219e252baSAlexander Leidinger 2337ae27ff4SJamie Gritton return (lpr); 2347ae27ff4SJamie Gritton } 2357ae27ff4SJamie Gritton 23601137630SRobert Watson /* 2370304c731SJamie Gritton * Ensure a prison has its own Linux info. If lprp is non-null, point it to 2380304c731SJamie Gritton * the Linux info and lock the prison. 2397ae27ff4SJamie Gritton */ 2407ab25e3dSJamie Gritton static void 2417ae27ff4SJamie Gritton linux_alloc_prison(struct prison *pr, struct linux_prison **lprp) 2427ae27ff4SJamie Gritton { 2430304c731SJamie Gritton struct prison *ppr; 2447ae27ff4SJamie Gritton struct linux_prison *lpr, *nlpr; 245aa90aec2SConrad Meyer void **rsv; 2467ae27ff4SJamie Gritton 2477ae27ff4SJamie Gritton /* If this prison already has Linux info, return that. */ 2480304c731SJamie Gritton lpr = linux_find_prison(pr, &ppr); 2490304c731SJamie Gritton if (ppr == pr) 2507ae27ff4SJamie Gritton goto done; 2517ae27ff4SJamie Gritton /* 2527ae27ff4SJamie Gritton * Allocate a new info record. Then check again, in case something 2537ae27ff4SJamie Gritton * changed during the allocation. 25401137630SRobert Watson */ 2550304c731SJamie Gritton mtx_unlock(&ppr->pr_mtx); 2567ae27ff4SJamie Gritton nlpr = malloc(sizeof(struct linux_prison), M_PRISON, M_WAITOK); 2577ab25e3dSJamie Gritton rsv = osd_reserve(linux_osd_jail_slot); 2580304c731SJamie Gritton lpr = linux_find_prison(pr, &ppr); 2590304c731SJamie Gritton if (ppr == pr) { 2607ae27ff4SJamie Gritton free(nlpr, M_PRISON); 2617ab25e3dSJamie Gritton osd_free_reserved(rsv); 2627ae27ff4SJamie Gritton goto done; 26301137630SRobert Watson } 2640304c731SJamie Gritton /* Inherit the initial values from the ancestor. */ 2650304c731SJamie Gritton mtx_lock(&pr->pr_mtx); 2667ab25e3dSJamie Gritton (void)osd_jail_set_reserved(pr, linux_osd_jail_slot, rsv, nlpr); 2670304c731SJamie Gritton bcopy(lpr, nlpr, sizeof(*lpr)); 2687ae27ff4SJamie Gritton lpr = nlpr; 2690304c731SJamie Gritton mtx_unlock(&ppr->pr_mtx); 2707ae27ff4SJamie Gritton done: 2717ae27ff4SJamie Gritton if (lprp != NULL) 2727ae27ff4SJamie Gritton *lprp = lpr; 2730304c731SJamie Gritton else 2740304c731SJamie Gritton mtx_unlock(&pr->pr_mtx); 2757ae27ff4SJamie Gritton } 2767ae27ff4SJamie Gritton 2777ae27ff4SJamie Gritton /* 2787ae27ff4SJamie Gritton * Jail OSD methods for Linux prison data. 2797ae27ff4SJamie Gritton */ 2807ae27ff4SJamie Gritton static int 2817ae27ff4SJamie Gritton linux_prison_create(void *obj, void *data) 2827ae27ff4SJamie Gritton { 2837ae27ff4SJamie Gritton struct prison *pr = obj; 2847ae27ff4SJamie Gritton struct vfsoptlist *opts = data; 28567d39748SDmitry Chagin int jsys; 2867ae27ff4SJamie Gritton 28767d39748SDmitry Chagin if (vfs_copyopt(opts, "linux", &jsys, sizeof(jsys)) == 0 && 28867d39748SDmitry Chagin jsys == JAIL_SYS_INHERIT) 2897ae27ff4SJamie Gritton return (0); 2907ae27ff4SJamie Gritton /* 2917ae27ff4SJamie Gritton * Inherit a prison's initial values from its parent 2927cbf7213SJamie Gritton * (different from JAIL_SYS_INHERIT which also inherits changes). 2937ae27ff4SJamie Gritton */ 2947ab25e3dSJamie Gritton linux_alloc_prison(pr, NULL); 2957ab25e3dSJamie Gritton return (0); 2967ae27ff4SJamie Gritton } 2977ae27ff4SJamie Gritton 2987ae27ff4SJamie Gritton static int 2997ae27ff4SJamie Gritton linux_prison_check(void *obj __unused, void *data) 3007ae27ff4SJamie Gritton { 3017ae27ff4SJamie Gritton struct vfsoptlist *opts = data; 3027ae27ff4SJamie Gritton char *osname, *osrelease; 303d56cf22dSJamie Gritton int error, jsys, len, oss_version; 3047ae27ff4SJamie Gritton 3057ae27ff4SJamie Gritton /* Check that the parameters are correct. */ 3067cbf7213SJamie Gritton error = vfs_copyopt(opts, "linux", &jsys, sizeof(jsys)); 3077cbf7213SJamie Gritton if (error != ENOENT) { 30867d39748SDmitry Chagin if (error != 0) 3097cbf7213SJamie Gritton return (error); 31067d39748SDmitry Chagin if (jsys != JAIL_SYS_NEW && jsys != JAIL_SYS_INHERIT) 3117cbf7213SJamie Gritton return (EINVAL); 3127cbf7213SJamie Gritton } 3137ae27ff4SJamie Gritton error = vfs_getopt(opts, "linux.osname", (void **)&osname, &len); 3147ae27ff4SJamie Gritton if (error != ENOENT) { 31567d39748SDmitry Chagin if (error != 0) 3167ae27ff4SJamie Gritton return (error); 31767d39748SDmitry Chagin if (len == 0 || osname[len - 1] != '\0') 3187ae27ff4SJamie Gritton return (EINVAL); 3197ae27ff4SJamie Gritton if (len > LINUX_MAX_UTSNAME) { 3207ae27ff4SJamie Gritton vfs_opterror(opts, "linux.osname too long"); 3217ae27ff4SJamie Gritton return (ENAMETOOLONG); 3227ae27ff4SJamie Gritton } 3237ae27ff4SJamie Gritton } 3247ae27ff4SJamie Gritton error = vfs_getopt(opts, "linux.osrelease", (void **)&osrelease, &len); 3257ae27ff4SJamie Gritton if (error != ENOENT) { 32667d39748SDmitry Chagin if (error != 0) 3277ae27ff4SJamie Gritton return (error); 32867d39748SDmitry Chagin if (len == 0 || osrelease[len - 1] != '\0') 3297ae27ff4SJamie Gritton return (EINVAL); 3307ae27ff4SJamie Gritton if (len > LINUX_MAX_UTSNAME) { 3317ae27ff4SJamie Gritton vfs_opterror(opts, "linux.osrelease too long"); 3327ae27ff4SJamie Gritton return (ENAMETOOLONG); 3337ae27ff4SJamie Gritton } 334d56cf22dSJamie Gritton error = linux_map_osrel(osrelease, NULL); 3350304c731SJamie Gritton if (error != 0) { 3360304c731SJamie Gritton vfs_opterror(opts, "linux.osrelease format error"); 3370304c731SJamie Gritton return (error); 3380304c731SJamie Gritton } 3397ae27ff4SJamie Gritton } 3407ae27ff4SJamie Gritton error = vfs_copyopt(opts, "linux.oss_version", &oss_version, 3417ae27ff4SJamie Gritton sizeof(oss_version)); 34219e252baSAlexander Leidinger 34319e252baSAlexander Leidinger if (error == ENOENT) 34419e252baSAlexander Leidinger error = 0; 34519e252baSAlexander Leidinger return (error); 3467ae27ff4SJamie Gritton } 3477ae27ff4SJamie Gritton 3487ae27ff4SJamie Gritton static int 3497ae27ff4SJamie Gritton linux_prison_set(void *obj, void *data) 3507ae27ff4SJamie Gritton { 3517ae27ff4SJamie Gritton struct linux_prison *lpr; 3527ae27ff4SJamie Gritton struct prison *pr = obj; 3537ae27ff4SJamie Gritton struct vfsoptlist *opts = data; 3547ae27ff4SJamie Gritton char *osname, *osrelease; 3557cbf7213SJamie Gritton int error, gotversion, jsys, len, oss_version; 3567ae27ff4SJamie Gritton 3577ae27ff4SJamie Gritton /* Set the parameters, which should be correct. */ 3587cbf7213SJamie Gritton error = vfs_copyopt(opts, "linux", &jsys, sizeof(jsys)); 3597cbf7213SJamie Gritton if (error == ENOENT) 3607cbf7213SJamie Gritton jsys = -1; 3617ae27ff4SJamie Gritton error = vfs_getopt(opts, "linux.osname", (void **)&osname, &len); 3627ae27ff4SJamie Gritton if (error == ENOENT) 3637ae27ff4SJamie Gritton osname = NULL; 3647ae27ff4SJamie Gritton else 3657cbf7213SJamie Gritton jsys = JAIL_SYS_NEW; 3667ae27ff4SJamie Gritton error = vfs_getopt(opts, "linux.osrelease", (void **)&osrelease, &len); 3677ae27ff4SJamie Gritton if (error == ENOENT) 3687ae27ff4SJamie Gritton osrelease = NULL; 3697ae27ff4SJamie Gritton else 3707cbf7213SJamie Gritton jsys = JAIL_SYS_NEW; 3717ae27ff4SJamie Gritton error = vfs_copyopt(opts, "linux.oss_version", &oss_version, 3727ae27ff4SJamie Gritton sizeof(oss_version)); 3737cbf7213SJamie Gritton if (error == ENOENT) 3747cbf7213SJamie Gritton gotversion = 0; 3757cbf7213SJamie Gritton else { 3767cbf7213SJamie Gritton gotversion = 1; 3777cbf7213SJamie Gritton jsys = JAIL_SYS_NEW; 3787cbf7213SJamie Gritton } 3797cbf7213SJamie Gritton switch (jsys) { 3807cbf7213SJamie Gritton case JAIL_SYS_INHERIT: 3817cbf7213SJamie Gritton /* "linux=inherit": inherit the parent's Linux info. */ 3827ae27ff4SJamie Gritton mtx_lock(&pr->pr_mtx); 3837ae27ff4SJamie Gritton osd_jail_del(pr, linux_osd_jail_slot); 3847ae27ff4SJamie Gritton mtx_unlock(&pr->pr_mtx); 3857cbf7213SJamie Gritton break; 3867cbf7213SJamie Gritton case JAIL_SYS_NEW: 3877ae27ff4SJamie Gritton /* 3887cbf7213SJamie Gritton * "linux=new" or "linux.*": 3897ae27ff4SJamie Gritton * the prison gets its own Linux info. 3907ae27ff4SJamie Gritton */ 3917ab25e3dSJamie Gritton linux_alloc_prison(pr, &lpr); 3927ae27ff4SJamie Gritton if (osrelease) { 393d56cf22dSJamie Gritton (void)linux_map_osrel(osrelease, &lpr->pr_osrel); 3947ae27ff4SJamie Gritton strlcpy(lpr->pr_osrelease, osrelease, 3957ae27ff4SJamie Gritton LINUX_MAX_UTSNAME); 3967ae27ff4SJamie Gritton } 397580dd797SDmitry Chagin if (osname) 398580dd797SDmitry Chagin strlcpy(lpr->pr_osname, osname, LINUX_MAX_UTSNAME); 3997ae27ff4SJamie Gritton if (gotversion) 4007ae27ff4SJamie Gritton lpr->pr_oss_version = oss_version; 4017ae27ff4SJamie Gritton mtx_unlock(&pr->pr_mtx); 4027ae27ff4SJamie Gritton } 40319e252baSAlexander Leidinger 4047ae27ff4SJamie Gritton return (0); 4057ae27ff4SJamie Gritton } 4067ae27ff4SJamie Gritton 4077cbf7213SJamie Gritton SYSCTL_JAIL_PARAM_SYS_NODE(linux, CTLFLAG_RW, "Jail Linux parameters"); 4087ae27ff4SJamie Gritton SYSCTL_JAIL_PARAM_STRING(_linux, osname, CTLFLAG_RW, LINUX_MAX_UTSNAME, 4097ae27ff4SJamie Gritton "Jail Linux kernel OS name"); 4107ae27ff4SJamie Gritton SYSCTL_JAIL_PARAM_STRING(_linux, osrelease, CTLFLAG_RW, LINUX_MAX_UTSNAME, 4117ae27ff4SJamie Gritton "Jail Linux kernel OS release"); 4127ae27ff4SJamie Gritton SYSCTL_JAIL_PARAM(_linux, oss_version, CTLTYPE_INT | CTLFLAG_RW, 4137ae27ff4SJamie Gritton "I", "Jail Linux OSS version"); 4147ae27ff4SJamie Gritton 4157ae27ff4SJamie Gritton static int 4167ae27ff4SJamie Gritton linux_prison_get(void *obj, void *data) 4177ae27ff4SJamie Gritton { 4187ae27ff4SJamie Gritton struct linux_prison *lpr; 4190304c731SJamie Gritton struct prison *ppr; 4207ae27ff4SJamie Gritton struct prison *pr = obj; 4217ae27ff4SJamie Gritton struct vfsoptlist *opts = data; 4227ae27ff4SJamie Gritton int error, i; 4237ae27ff4SJamie Gritton 4240304c731SJamie Gritton static int version0; 4250304c731SJamie Gritton 4260304c731SJamie Gritton /* See if this prison is the one with the Linux info. */ 4270304c731SJamie Gritton lpr = linux_find_prison(pr, &ppr); 4287cbf7213SJamie Gritton i = (ppr == pr) ? JAIL_SYS_NEW : JAIL_SYS_INHERIT; 4297ae27ff4SJamie Gritton error = vfs_setopt(opts, "linux", &i, sizeof(i)); 43067d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4317ae27ff4SJamie Gritton goto done; 4327cbf7213SJamie Gritton if (i) { 4337cbf7213SJamie Gritton error = vfs_setopts(opts, "linux.osname", lpr->pr_osname); 43467d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4357ae27ff4SJamie Gritton goto done; 4367cbf7213SJamie Gritton error = vfs_setopts(opts, "linux.osrelease", lpr->pr_osrelease); 43767d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4387cbf7213SJamie Gritton goto done; 4397cbf7213SJamie Gritton error = vfs_setopt(opts, "linux.oss_version", 4407cbf7213SJamie Gritton &lpr->pr_oss_version, sizeof(lpr->pr_oss_version)); 44167d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4427cbf7213SJamie Gritton goto done; 4437cbf7213SJamie Gritton } else { 4447ae27ff4SJamie Gritton /* 4450304c731SJamie Gritton * If this prison is inheriting its Linux info, report 4460304c731SJamie Gritton * empty/zero parameters. 4477ae27ff4SJamie Gritton */ 4480304c731SJamie Gritton error = vfs_setopts(opts, "linux.osname", ""); 44967d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4500304c731SJamie Gritton goto done; 4510304c731SJamie Gritton error = vfs_setopts(opts, "linux.osrelease", ""); 45267d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4530304c731SJamie Gritton goto done; 4540304c731SJamie Gritton error = vfs_setopt(opts, "linux.oss_version", &version0, 4550304c731SJamie Gritton sizeof(lpr->pr_oss_version)); 45667d39748SDmitry Chagin if (error != 0 && error != ENOENT) 4570304c731SJamie Gritton goto done; 4587ae27ff4SJamie Gritton } 4597ae27ff4SJamie Gritton error = 0; 4607ae27ff4SJamie Gritton 4617ae27ff4SJamie Gritton done: 4620304c731SJamie Gritton mtx_unlock(&ppr->pr_mtx); 46319e252baSAlexander Leidinger 4647ae27ff4SJamie Gritton return (error); 4657ae27ff4SJamie Gritton } 4667ae27ff4SJamie Gritton 4677ae27ff4SJamie Gritton static void 4687ae27ff4SJamie Gritton linux_prison_destructor(void *data) 4697ae27ff4SJamie Gritton { 4707ae27ff4SJamie Gritton 4717ae27ff4SJamie Gritton free(data, M_PRISON); 4727ae27ff4SJamie Gritton } 4737ae27ff4SJamie Gritton 4747ae27ff4SJamie Gritton void 4757ae27ff4SJamie Gritton linux_osd_jail_register(void) 4767ae27ff4SJamie Gritton { 4777ae27ff4SJamie Gritton struct prison *pr; 4787ae27ff4SJamie Gritton osd_method_t methods[PR_MAXMETHOD] = { 4797ae27ff4SJamie Gritton [PR_METHOD_CREATE] = linux_prison_create, 4807ae27ff4SJamie Gritton [PR_METHOD_GET] = linux_prison_get, 4817ae27ff4SJamie Gritton [PR_METHOD_SET] = linux_prison_set, 4827ae27ff4SJamie Gritton [PR_METHOD_CHECK] = linux_prison_check 4837ae27ff4SJamie Gritton }; 4847ae27ff4SJamie Gritton 4857ae27ff4SJamie Gritton linux_osd_jail_slot = 4867ae27ff4SJamie Gritton osd_jail_register(linux_prison_destructor, methods); 487eae594f7SEd Maste /* Copy the system Linux info to any current prisons. */ 4887ab25e3dSJamie Gritton sx_slock(&allprison_lock); 4890304c731SJamie Gritton TAILQ_FOREACH(pr, &allprison, pr_list) 4907ab25e3dSJamie Gritton linux_alloc_prison(pr, NULL); 4917ab25e3dSJamie Gritton sx_sunlock(&allprison_lock); 4927ae27ff4SJamie Gritton } 4937ae27ff4SJamie Gritton 4947ae27ff4SJamie Gritton void 4957ae27ff4SJamie Gritton linux_osd_jail_deregister(void) 4967ae27ff4SJamie Gritton { 4977ae27ff4SJamie Gritton 4987ae27ff4SJamie Gritton osd_jail_deregister(linux_osd_jail_slot); 499c6dfea0eSMarcel Moolenaar } 500c6dfea0eSMarcel Moolenaar 50101137630SRobert Watson void 502b62f75cfSJohn Baldwin linux_get_osname(struct thread *td, char *dst) 503c6dfea0eSMarcel Moolenaar { 5047ae27ff4SJamie Gritton struct prison *pr; 5057ae27ff4SJamie Gritton struct linux_prison *lpr; 506c6dfea0eSMarcel Moolenaar 5070304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 50801137630SRobert Watson bcopy(lpr->pr_osname, dst, LINUX_MAX_UTSNAME); 50901137630SRobert Watson mtx_unlock(&pr->pr_mtx); 5107ae27ff4SJamie Gritton } 511c6dfea0eSMarcel Moolenaar 5120d7b5e54SAlexander Leidinger static int 513b62f75cfSJohn Baldwin linux_set_osname(struct thread *td, char *osname) 514c6dfea0eSMarcel Moolenaar { 515b62f75cfSJohn Baldwin struct prison *pr; 516b62f75cfSJohn Baldwin struct linux_prison *lpr; 517c6dfea0eSMarcel Moolenaar 5180304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 5197ae27ff4SJamie Gritton strlcpy(lpr->pr_osname, osname, LINUX_MAX_UTSNAME); 520b62f75cfSJohn Baldwin mtx_unlock(&pr->pr_mtx); 52119e252baSAlexander Leidinger 522c6dfea0eSMarcel Moolenaar return (0); 523c6dfea0eSMarcel Moolenaar } 524c6dfea0eSMarcel Moolenaar 52501137630SRobert Watson void 526b62f75cfSJohn Baldwin linux_get_osrelease(struct thread *td, char *dst) 527c6dfea0eSMarcel Moolenaar { 5287ae27ff4SJamie Gritton struct prison *pr; 52901137630SRobert Watson struct linux_prison *lpr; 530c6dfea0eSMarcel Moolenaar 5310304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 5327ae27ff4SJamie Gritton bcopy(lpr->pr_osrelease, dst, LINUX_MAX_UTSNAME); 53301137630SRobert Watson mtx_unlock(&pr->pr_mtx); 5347ae27ff4SJamie Gritton } 535c6dfea0eSMarcel Moolenaar 536c6dfea0eSMarcel Moolenaar int 537580dd797SDmitry Chagin linux_kernver(struct thread *td) 5389ce8f9bcSAlexander Leidinger { 5399ce8f9bcSAlexander Leidinger struct prison *pr; 5409ce8f9bcSAlexander Leidinger struct linux_prison *lpr; 541580dd797SDmitry Chagin int osrel; 5429ce8f9bcSAlexander Leidinger 5430304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 544580dd797SDmitry Chagin osrel = lpr->pr_osrel; 5457ae27ff4SJamie Gritton mtx_unlock(&pr->pr_mtx); 54619e252baSAlexander Leidinger 547580dd797SDmitry Chagin return (osrel); 5489ce8f9bcSAlexander Leidinger } 5499ce8f9bcSAlexander Leidinger 5500d7b5e54SAlexander Leidinger static int 551b62f75cfSJohn Baldwin linux_set_osrelease(struct thread *td, char *osrelease) 552c6dfea0eSMarcel Moolenaar { 553b62f75cfSJohn Baldwin struct prison *pr; 554b62f75cfSJohn Baldwin struct linux_prison *lpr; 555580dd797SDmitry Chagin int error; 5569ce8f9bcSAlexander Leidinger 5570304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 558580dd797SDmitry Chagin error = linux_map_osrel(osrelease, &lpr->pr_osrel); 5590304c731SJamie Gritton if (error == 0) 5607ae27ff4SJamie Gritton strlcpy(lpr->pr_osrelease, osrelease, LINUX_MAX_UTSNAME); 561b62f75cfSJohn Baldwin mtx_unlock(&pr->pr_mtx); 56219e252baSAlexander Leidinger 563580dd797SDmitry Chagin return (error); 564580dd797SDmitry Chagin } 565c6dfea0eSMarcel Moolenaar 566c6dfea0eSMarcel Moolenaar int 567b62f75cfSJohn Baldwin linux_get_oss_version(struct thread *td) 568c6dfea0eSMarcel Moolenaar { 5697ae27ff4SJamie Gritton struct prison *pr; 5707ae27ff4SJamie Gritton struct linux_prison *lpr; 57101137630SRobert Watson int version; 57201137630SRobert Watson 5730304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 57401137630SRobert Watson version = lpr->pr_oss_version; 575b62f75cfSJohn Baldwin mtx_unlock(&pr->pr_mtx); 57619e252baSAlexander Leidinger 57701137630SRobert Watson return (version); 578c6dfea0eSMarcel Moolenaar } 579c6dfea0eSMarcel Moolenaar 5800d7b5e54SAlexander Leidinger static int 581b62f75cfSJohn Baldwin linux_set_oss_version(struct thread *td, int oss_version) 582c6dfea0eSMarcel Moolenaar { 583b62f75cfSJohn Baldwin struct prison *pr; 584b62f75cfSJohn Baldwin struct linux_prison *lpr; 585c6dfea0eSMarcel Moolenaar 5860304c731SJamie Gritton lpr = linux_find_prison(td->td_ucred->cr_prison, &pr); 587c6dfea0eSMarcel Moolenaar lpr->pr_oss_version = oss_version; 588b62f75cfSJohn Baldwin mtx_unlock(&pr->pr_mtx); 58919e252baSAlexander Leidinger 590c6dfea0eSMarcel Moolenaar return (0); 591c6dfea0eSMarcel Moolenaar } 592