[a9153ec] | 1 | /** |
---|
| 2 | * @file |
---|
| 3 | * |
---|
| 4 | * @ingroup rtems_bsd_rtems |
---|
| 5 | * |
---|
[334957b] | 6 | * @brief This object is a minimal RTEMS implementation of kern_jail.c. |
---|
[a9153ec] | 7 | */ |
---|
| 8 | |
---|
| 9 | /* |
---|
| 10 | * Copyright (c) 2009, 2010 embedded brains GmbH. All rights reserved. |
---|
| 11 | * |
---|
| 12 | * embedded brains GmbH |
---|
| 13 | * Obere Lagerstr. 30 |
---|
| 14 | * 82178 Puchheim |
---|
| 15 | * Germany |
---|
| 16 | * <rtems@embedded-brains.de> |
---|
| 17 | * |
---|
[8420b94] | 18 | * Redistribution and use in source and binary forms, with or without |
---|
| 19 | * modification, are permitted provided that the following conditions |
---|
| 20 | * are met: |
---|
| 21 | * 1. Redistributions of source code must retain the above copyright |
---|
| 22 | * notice, this list of conditions and the following disclaimer. |
---|
| 23 | * 2. Redistributions in binary form must reproduce the above copyright |
---|
| 24 | * notice, this list of conditions and the following disclaimer in the |
---|
| 25 | * documentation and/or other materials provided with the distribution. |
---|
| 26 | * |
---|
| 27 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND |
---|
| 28 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
---|
| 29 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
---|
| 30 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
---|
| 31 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
---|
| 32 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
---|
| 33 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
---|
| 34 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
---|
| 35 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
---|
| 36 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
---|
| 37 | * SUCH DAMAGE. |
---|
[a9153ec] | 38 | */ |
---|
| 39 | |
---|
[6ad03bf] | 40 | #include <freebsd/machine/rtems-bsd-config.h> |
---|
[a9153ec] | 41 | |
---|
[6ad03bf] | 42 | /*#include <freebsd/sys/types.h> |
---|
| 43 | #include <freebsd/sys/systm.h> |
---|
| 44 | #include <freebsd/sys/malloc.h> |
---|
| 45 | #include <freebsd/sys/jail.h> |
---|
| 46 | #include <freebsd/sys/lock.h> |
---|
| 47 | #include <freebsd/sys/mutex.h>*/ |
---|
[a9153ec] | 48 | |
---|
[6ad03bf] | 49 | #include <freebsd/sys/param.h> |
---|
| 50 | #include <freebsd/sys/types.h> |
---|
| 51 | #include <freebsd/sys/kernel.h> |
---|
| 52 | #include <freebsd/sys/systm.h> |
---|
| 53 | #include <freebsd/sys/errno.h> |
---|
| 54 | #include <freebsd/sys/sysproto.h> |
---|
| 55 | #include <freebsd/sys/malloc.h> |
---|
| 56 | #include <freebsd/sys/osd.h> |
---|
| 57 | #include <freebsd/sys/priv.h> |
---|
| 58 | #include <freebsd/sys/proc.h> |
---|
| 59 | #include <freebsd/sys/taskqueue.h> |
---|
| 60 | #include <freebsd/sys/fcntl.h> |
---|
| 61 | #include <freebsd/sys/jail.h> |
---|
| 62 | #include <freebsd/sys/lock.h> |
---|
| 63 | #include <freebsd/sys/mutex.h> |
---|
| 64 | #include <freebsd/sys/sx.h> |
---|
| 65 | #include <freebsd/sys/sysent.h> |
---|
| 66 | #include <freebsd/sys/namei.h> |
---|
| 67 | #include <freebsd/sys/mount.h> |
---|
| 68 | #include <freebsd/sys/queue.h> |
---|
| 69 | #include <freebsd/sys/socket.h> |
---|
| 70 | #include <freebsd/sys/syscallsubr.h> |
---|
| 71 | #include <freebsd/sys/sysctl.h> |
---|
[a9153ec] | 72 | |
---|
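/* All-zero placeholder UUID; used below to initialise prison0.pr_hostuuid. */
#define DEFAULT_HOSTUUID "00000000-0000-0000-0000-000000000000"

/*
 * Keep struct prison prison0 and some code in kern_jail_set() readable.
 *
 * _PR_IP_SADDRSEL is the OR of the source-address-selection flags of every
 * IP family that is compiled in (INET and/or INET6), or 0 when neither is.
 * The two-flag expansion is parenthesised so the macro always behaves as a
 * single operand: without the parentheses an expression such as
 * "flags & _PR_IP_SADDRSEL" would apply '&' to the first flag only, because
 * '&' binds tighter than '|'.
 */
#ifdef INET
#ifdef INET6
#define _PR_IP_SADDRSEL (PR_IP4_SADDRSEL|PR_IP6_SADDRSEL)
#else
#define _PR_IP_SADDRSEL PR_IP4_SADDRSEL
#endif
#else /* !INET */
#ifdef INET6
#define _PR_IP_SADDRSEL PR_IP6_SADDRSEL
#else
#define _PR_IP_SADDRSEL 0
#endif
#endif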
---|
| 89 | |
---|
/*
 * prison0 describes what is "real" about the system.
 *
 * It is the only struct prison defined in this file.  It is flagged PR_HOST
 * and rooted at "/", with pr_allow set to PR_ALLOW_ALL, so it carries no
 * restriction of its own.
 */
struct prison prison0 = {
	.pr_id = 0,
	.pr_name = "0",
	/* Both reference counts start at 1; prison_hold()/prison_free() in
	 * this file never change them. */
	.pr_ref = 1,
	.pr_uref = 1,
	.pr_path = "/",
	/* NOTE(review): -1 is presumably FreeBSD's "permanently insecure"
	 * securelevel - confirm this is the intended setting. */
	.pr_securelevel = -1,
	.pr_childmax = JAIL_MAX,
	.pr_hostuuid = DEFAULT_HOSTUUID,
	.pr_children = LIST_HEAD_INITIALIZER(prison0.pr_children),
#ifdef VIMAGE
	.pr_flags = PR_HOST|PR_VNET|_PR_IP_SADDRSEL,
#else
	.pr_flags = PR_HOST|_PR_IP_SADDRSEL,
#endif
	/* presumably every PR_ALLOW_* permission bit - confirm in jail.h */
	.pr_allow = PR_ALLOW_ALL,
};
/* Sets up prison0.pr_mtx, named "jail mutex", as an MTX_DEF mutex. */
MTX_SYSINIT(prison0, &prison0.pr_mtx, "jail mutex", MTX_DEF);
---|
| 109 | |
---|
/*
 * See if the prison attached to a credential has a specific flag set.
 *
 * Returns the masked bits (pr_flags & flag), not a normalised 0/1: the
 * result is non-zero when at least one requested bit is set.
 *
 * cred and cred->cr_prison are dereferenced without a NULL check, so the
 * caller must pass a credential that has a prison attached.
 */
int
prison_flag(struct ucred *cred, unsigned flag)
{
	/* This is an atomic read, so no locking is necessary. */
	int bits = (cred->cr_prison->pr_flags & flag);

	return (bits);
}
---|
| 119 | |
---|
/*
 * RTEMS stub for prison_free(): intentionally a no-op.
 *
 * pr is not read, no reference count is dropped and nothing is released.
 * NOTE(review): presumably acceptable because the only prison this file
 * defines, prison0, is statically allocated - confirm no caller relies on a
 * release happening here.
 */
void
prison_free(struct prison *pr)
{
	(void)pr;
}
---|
[334957b] | 124 | |
---|
/*
 * RTEMS stub for prison_hold(): intentionally a no-op.
 *
 * pr is not read and no reference is taken, so holds are not counted.
 * NOTE(review): presumably acceptable because the only prison this file
 * defines, prison0, is statically allocated - confirm no caller relies on
 * the count.
 */
void
prison_hold(struct prison *pr)
{
	(void)pr;
}
---|
[334957b] | 129 | |
---|
/*
 * RTEMS stub for prison_if().
 *
 * Inherited FreeBSD contract: check if the given address belongs to the jail
 * referenced by cred (wrapper to prison_check_ip[46]); return 0 if the jail
 * doesn't restrict the address family or if the address belongs to the jail,
 * EADDRNOTAVAIL if the address doesn't belong, or EAFNOSUPPORT if the jail
 * doesn't allow the address family.  IPv4 address passed in in NBO.
 *
 * This implementation makes none of those checks: cred and sa are never
 * read and the result is always 0, so every address is accepted.
 */
int
prison_if(struct ucred *cred, struct sockaddr *sa)
{
	(void)cred;
	(void)sa;

	return (0);
}
---|
[336762e] | 143 | |
---|
/*
 * RTEMS stub for prison_saddrsel_ip6().
 *
 * Inherited FreeBSD contract: return 1 if we should do proper source address
 * selection or are not jailed; return 0 if source address selection should
 * be bypassed in favour of the primary jail IPv6 address (only then is *ia6
 * updated, in NBO); return EAFNOSUPPORT if the jail does not allow IPv6.
 *
 * This implementation always returns EAFNOSUPPORT and never reads cred or
 * writes *ia6.
 * NOTE(review): that is the "jail does not allow IPv6" answer, while
 * jailed() and the other IPv6 stubs in this file report "no restriction".
 * Confirm that callers handle this value as intended.
 */
int
prison_saddrsel_ip6(struct ucred *cred, struct in6_addr *ia6)
{
	(void)cred;
	(void)ia6;

	return (EAFNOSUPPORT);
}
---|
[336762e] | 156 | |
---|
/*
 * RTEMS stub for prison_equal_ip4().
 *
 * Inherited FreeBSD contract: return true if pr1 and pr2 have the same IPv4
 * address restrictions.
 *
 * This implementation compares nothing: pr1 and pr2 are never read and the
 * result is always 1 (true).
 */
int
prison_equal_ip4(struct prison *pr1, struct prison *pr2)
{
	(void)pr1;
	(void)pr2;

	return (1);
}
---|
| 165 | |
---|
/*
 * RTEMS stub for prison_check_ip4().
 *
 * Inherited FreeBSD contract: check if the given address belongs to the jail
 * referenced by cred/prison; return 0 if the jail doesn't restrict IPv4 or
 * if the address belongs to the jail, EADDRNOTAVAIL if the address doesn't
 * belong, or EAFNOSUPPORT if the jail doesn't allow IPv4.  Address passed in
 * in NBO.
 *
 * This implementation makes no check: cred and ia are never read and the
 * result is always 0, so every IPv4 address is accepted.
 */
int
prison_check_ip4(struct ucred *cred, struct in_addr *ia)
{
	(void)cred;
	(void)ia;

	return (0);
}
---|
| 178 | |
---|
/*
 * RTEMS stub for prison_check_ip6().
 *
 * Assuming 0 means no restrictions.
 *
 * NOTE: RTEMS does not restrict via a jail so return 0.  cred and ia6 are
 * never read, so every IPv6 address is accepted.
 */
int
prison_check_ip6(struct ucred *cred, struct in6_addr *ia6)
{
	(void)cred;
	(void)ia6;

	return (0);
}
---|
[334957b] | 189 | |
---|
/*
 * RTEMS stub for prison_local_ip4().
 *
 * Inherited FreeBSD contract: make sure our (source) address is set to
 * something meaningful to this jail; return 0 if the jail doesn't restrict
 * IPv4 or if the address belongs to the jail, EADDRNOTAVAIL if the address
 * doesn't belong, or EAFNOSUPPORT if the jail doesn't allow IPv4.  Address
 * passed in in NBO and returned in NBO.
 *
 * This implementation always returns EAFNOSUPPORT; cred is never read and
 * *ia is never modified.
 * NOTE(review): prison_local_ip6() in this file returns 0 with the remark
 * that RTEMS does not restrict via a jail.  A caller that propagates this
 * return value would reject every IPv4 local address - confirm whether 0
 * was intended here as well.
 */
int
prison_local_ip4(struct ucred *cred, struct in_addr *ia)
{
	(void)cred;
	(void)ia;

	return (EAFNOSUPPORT);
}
---|
| 203 | |
---|
/*
 * RTEMS stub for prison_remote_ip4().
 *
 * Inherited FreeBSD contract: rewrite the destination address in case we
 * will connect to the loopback address; return 0 on success, EAFNOSUPPORT if
 * the jail doesn't allow IPv4.  Address passed in in NBO and returned in
 * NBO.
 *
 * This implementation always returns EAFNOSUPPORT; cred is never read and
 * *ia is never rewritten.
 * NOTE(review): prison_remote_ip6() in this file returns 0 with the remark
 * that RTEMS does not restrict via a jail.  A caller that propagates this
 * return value would fail every IPv4 destination - confirm whether 0 was
 * intended here as well.
 */
int
prison_remote_ip4(struct ucred *cred, struct in_addr *ia)
{
	(void)cred;
	(void)ia;

	return (EAFNOSUPPORT);
}
---|
[336762e] | 215 | |
---|
/*
 * RTEMS stub for prison_equal_ip6().
 *
 * Inherited FreeBSD contract: return true if pr1 and pr2 have the same IPv6
 * address restrictions.
 *
 * This implementation compares nothing: pr1 and pr2 are never read and the
 * result is always 1 (true).
 */
int
prison_equal_ip6(struct prison *pr1, struct prison *pr2)
{
	(void)pr1;
	(void)pr2;

	return (1);
}
---|
[336762e] | 224 | |
---|
/*
 * RTEMS stub for prison_local_ip6().
 *
 * Inherited FreeBSD contract: make sure our (source) address is set to
 * something meaningful to this jail.  v6only should be set based on
 * (inp->inp_flags & IN6P_IPV6_V6ONLY != 0) when needed while binding.
 * Return 0 if the jail doesn't restrict IPv6 or if the address belongs to
 * the jail, EADDRNOTAVAIL if the address doesn't belong, or EAFNOSUPPORT if
 * the jail doesn't allow IPv6.
 *
 * NOTE: RTEMS does not restrict via a jail so return 0.  cred, ia6 and
 * v6only are never read and *ia6 is never modified.
 */
int
prison_local_ip6(struct ucred *cred, struct in6_addr *ia6, int v6only)
{
	(void)cred;
	(void)ia6;
	(void)v6only;

	return (0);
}
---|
| 242 | |
---|
/*
 * RTEMS stub for prison_remote_ip6().
 *
 * Inherited FreeBSD contract: rewrite the destination address in case we
 * will connect to the loopback address; return 0 on success, EAFNOSUPPORT if
 * the jail doesn't allow IPv6.
 *
 * NOTE: RTEMS does not restrict via a jail so return 0.  cred is never read
 * and *ia6 is never rewritten.
 */
int
prison_remote_ip6(struct ucred *cred, struct in6_addr *ia6)
{
	(void)cred;
	(void)ia6;

	return (0);
}
---|
[761f597d] | 255 | |
---|
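/*
 * RTEMS stub for prison_saddrsel_ip4().
 *
 * Inherited FreeBSD contract: return 1 if we should do proper source address
 * selection or are not jailed; return 0 if source address selection should
 * be bypassed in favour of the primary jail IPv4 address (only then is *ia
 * updated, in NBO); return EAFNOSUPPORT if the jail does not allow IPv4.
 *
 * jailed() in this file reports that no credential is jailed, so this is the
 * "not jailed" case: always return 1 and leave *ia untouched.  The function
 * previously had no return statement at all, so a caller that used its
 * result read an indeterminate value (undefined behaviour).
 *
 * cred and ia are never read.
 */
int
prison_saddrsel_ip4(struct ucred *cred, struct in_addr *ia)
{
	(void)cred;
	(void)ia;

	/* Not jailed: tell the caller to run normal source address selection. */
	return (1);
}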
---|
| 267 | |
---|
/*
 * RTEMS stub for prison_get_ip4().
 *
 * Inherited FreeBSD contract: pass back the primary IPv4 address of this
 * jail.  If not restricted, return success but do not alter the address;
 * the caller has to make sure to initialize it correctly (e.g. INADDR_ANY).
 * Return 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4.  Address
 * returned in NBO.
 *
 * This implementation always takes the "not restricted" path: it returns 0
 * and never writes *ia, so the caller's initial value is what gets used.
 */
int
prison_get_ip4(struct ucred *cred, struct in_addr *ia)
{
	(void)cred;
	(void)ia;

	return (0);
}
---|
[6f539f7] | 282 | |
---|
/*
 * RTEMS stub for jailed_without_vnet().
 *
 * Inherited FreeBSD contract: return 1 if the passed credential is in a jail
 * and that jail does not have its own virtual network stack, otherwise 0.
 *
 * This implementation never reads cred and always returns 0.
 */
int
jailed_without_vnet(struct ucred *cred)
{
	(void)cred;

	return (0);
}
---|
| 292 | |
---|
/*
 * RTEMS stub for prison_get_ip6().
 *
 * Inherited FreeBSD contract: pass back the primary IPv6 address for this
 * jail.  If not restricted, return success but do not alter the address;
 * the caller has to make sure to initialize it correctly (e.g.
 * IN6ADDR_ANY_INIT).  Return 0 on success, EAFNOSUPPORT if the jail doesn't
 * allow IPv6.
 *
 * This implementation always takes the "not restricted" path: it returns 0
 * and never writes *ia6, so the caller's initial value is what gets used.
 */
int
prison_get_ip6(struct ucred *cred, struct in6_addr *ia6)
{
	(void)cred;
	(void)ia6;

	return (0);
}
---|
/*
 * RTEMS stub for prison_check().
 *
 * Inherited FreeBSD contract: return 0 if jails permit p1 to frob p2,
 * otherwise ESRCH.
 *
 * This implementation never reads cred1 or cred2 and always returns 0, so
 * it permits every credential pair.  It provides no isolation between
 * credentials; callers must not rely on it as an access check.
 */
int
prison_check(struct ucred *cred1, struct ucred *cred2)
{
	(void)cred1;
	(void)cred2;

	return (0);
}
---|
[b783f05] | 314 | |
---|
/*
 * RTEMS stub for prison_check_af().
 *
 * Inherited FreeBSD contract: check if a jail supports the given address
 * family; return 0 if not jailed or the address family is supported,
 * EAFNOSUPPORT if not.
 *
 * This implementation never reads cred or af and always returns 0, so every
 * address family value is reported as supported.
 */
int
prison_check_af(struct ucred *cred, int af)
{
	(void)cred;
	(void)af;

	return (0);
}
---|
| 326 | |
---|
/*
 * RTEMS stub for jailed().
 *
 * Inherited FreeBSD contract: return 1 if the passed credential is in a
 * jail, otherwise 0.
 *
 * This implementation never reads cred and always returns 0, so code that
 * gates behaviour on jailed() treats every credential as unjailed.
 */
int
jailed(struct ucred *cred)
{
	(void)cred;

	return (0);
}
---|