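/*
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <phk@FreeBSD.org> wrote this file. As long as you retain this notice you
 * can do whatever you want with this stuff. If we meet some day, and you think
 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 *
 * $FreeBSD: src/sys/sys/jail.h,v 1.8.2.2 2000/11/01 17:58:06 rwatson Exp $
 * $DragonFly: src/sys/sys/jail.h,v 1.6 2005/07/20 20:31:19 dillon Exp $
 *
 */

/*
 * Jail definitions: the argument structure passed to jail() and, under
 * _KERNEL, the in-kernel prison descriptor and its helpers.
 *
 * uint32_t, LIST_ENTRY(), MAXHOSTNAMELEN and struct ucred are used but
 * not declared here.  The only include this header performs is
 * <sys/varsym.h> in the kernel branch, so the including file has to
 * provide the rest before including it.
 */

#ifndef _SYS_JAIL_H_
#define _SYS_JAIL_H_

/*
 * Argument block handed to jail().  It is declared outside the _KERNEL
 * guard, so userland and the kernel see the same layout.
 *
 * NOTE(review): path and hostname are raw pointers filled in by the
 * caller.  The kernel-side handler is not part of this header; it
 * presumably has to copy both strings in with explicit length bounds
 * (pr_host below holds MAXHOSTNAMELEN bytes) instead of dereferencing
 * them directly -- confirm against the syscall implementation.
 */
struct jail {
	uint32_t	version;	/* layout version; presumably validated by the kernel -- TODO confirm */
	char		*path;		/* presumably the directory that becomes the jail root (cf. pr_root) */
	char		*hostname;	/* host name for the jail (cf. pr_host) */
	uint32_t	ip_number;	/* one 32-bit address (cf. pr_ip); byte order not stated here */
};

#ifndef _KERNEL

/* Userland entry points; both return int. */
int jail(struct jail *);
int jail_attach(int);

#else /* _KERNEL */

#include <sys/varsym.h>

#ifdef MALLOC_DECLARE
MALLOC_DECLARE(M_PRISON);
#endif

/* NOTE(review): presumably the upper bound for pr_id; the use site is not in this header. */
#define JAIL_MAX	999999

/*
 * This structure describes a prison.  It is pointed to by all struct
 * proc's of the inmates.  pr_ref keeps track of them and is used to
 * delete the structure when the last inmate is dead.
 *
 * pr_ref is a plain int and this header shows no lock or atomic type
 * guarding it.  NOTE(review): confirm how prison_hold()/prison_free()
 * serialize updates; an unbalanced or racy count on this object means
 * either a leaked prison or a free while inmates still point at it.
 */

struct prison {
	LIST_ENTRY(prison) pr_list;			/* all prisons */
	int		pr_id;				/* prison id */
	int		pr_ref;				/* reference count */
	struct namecache *pr_root;			/* namecache entry of root */
	char 		pr_host[MAXHOSTNAMELEN];	/* host name */
	uint32_t	pr_ip;				/* IP address */
	void		*pr_linux;			/* Linux ABI emulation */
	int		pr_securelevel;			/* jail securelevel */
	struct varsymset pr_varsymset;			/* jail varsyms */
};

/*
 * Sysctl-set variables that determine global jail policy.
 * Each is a plain int; the checks that consult them live outside this
 * header, so their exact semantics must be read at the use sites.
 */
extern int	jail_set_hostname_allowed;
extern int	jail_socket_unixiproute_only;
extern int	jail_sysvipc_allowed;
extern int	jail_chflags_allowed;

/*
 * Reference management for struct prison.
 * NOTE(review): presumably prison_hold() takes a reference on pr_ref and
 * prison_free() drops one, destroying the prison when the count reaches
 * zero -- the implementations are not in this header.
 */
void prison_hold(struct prison *);
void prison_free(struct prison *);

/*
 * Return 1 if the passed credential is in a jail, otherwise 0.
 *
 * The test is whether cred->cr_prison is non-NULL.  cred itself is
 * dereferenced unconditionally, so callers must pass a valid, non-NULL
 * credential.
 */
static __inline int
jailed(struct ucred *cred)
{
	return(cred->cr_prison != NULL);
}

#endif /* !_KERNEL */
#endif /* !_SYS_JAIL_H_ */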