aboutsummaryrefslogtreecommitdiff
path: root/sys/sys
diff options
context:
space:
mode:
authorJamie Gritton <jamie@FreeBSD.org>2021-01-18 18:56:20 +0000
committerJamie Gritton <jamie@FreeBSD.org>2021-01-18 18:56:20 +0000
commit76ad42abf9d46c7a86c9e727603fe62e8b62a37b (patch)
treef68d95d80d378a4960fc71860f806c8369604e46 /sys/sys
parentefa9c21bca9873af9c9660f5aeffda9d5ae1dfb7 (diff)
downloadsrc-76ad42abf9d46c7a86c9e727603fe62e8b62a37b.tar.gz
src-76ad42abf9d46c7a86c9e727603fe62e8b62a37b.zip
jail: Add prison_isvalid() and prison_isalive()
prison_isvalid() checks if a prison record can be used at all, i.e. pr_ref > 0. This filters out prisons that aren't fully created, and those that are either in the process of being dismantled, or will be at the next opportunity. While the check for pr_ref > 0 is simple enough to make without a convenience function, this prepares the way for other measures of prison validity. prison_isalive() checks not only validity as far as the useablity of the prison structure, but also whether the prison is visible to user space. It replaces a test for pr_uref > 0, which is currently only used within kern_jail.c, and not often there. Both of these functions also assert that either the prison mutex or allprison_lock is held, since it's generally the case that unlocked prisons aren't guaranteed to remain useable for any length of time. This isn't entirely true, for example a thread can assume its own prison is good, but most exceptions will exist inside of kern_jail.c.
Diffstat (limited to 'sys/sys')
-rw-r--r--sys/sys/jail.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/sys/jail.h b/sys/sys/jail.h
index 96201b0638b3..67ef9347d093 100644
--- a/sys/sys/jail.h
+++ b/sys/sys/jail.h
@@ -407,6 +407,8 @@ void prison_proc_hold(struct prison *);
void prison_proc_free(struct prison *);
void prison_set_allow(struct ucred *cred, unsigned flag, int enable);
int prison_ischild(struct prison *, struct prison *);
+bool prison_isalive(struct prison *);
+bool prison_isvalid(struct prison *);
int prison_equal_ip4(struct prison *, struct prison *);
int prison_get_ip4(struct ucred *cred, struct in_addr *ia);
int prison_local_ip4(struct ucred *cred, struct in_addr *ia);