1 /*
2  * ----------------------------------------------------------------------------
3  * "THE BEER-WARE LICENSE" (Revision 42):
4  * <phk@FreeBSD.org> wrote this file.  As long as you retain this notice you
5  * can do whatever you want with this stuff. If we meet some day, and you think
6  * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
7  * ----------------------------------------------------------------------------
8  *
9  * $FreeBSD: src/sys/sys/jail.h,v 1.8.2.2 2000/11/01 17:58:06 rwatson Exp $
10  * $DragonFly: src/sys/sys/jail.h,v 1.7 2006/05/20 02:42:13 dillon Exp $
11  *
12  */
13 
14 #ifndef _SYS_JAIL_H_
15 #define _SYS_JAIL_H_
16 
17 #ifndef _SYS_TYPES_H_
18 #include <sys/types.h>
19 #endif
20 #ifndef _SYS_PARAM_H_
21 #include <sys/param.h>
22 #endif
23 #ifndef _SYS_UCRED_H_
24 #include <sys/ucred.h>
25 #endif
26 
/*
 * Jail description handed to jail().  Declared outside the _KERNEL guard,
 * so userland and the kernel share this layout; do not reorder or resize
 * the fields.
 *
 * NOTE(review): path and hostname are raw pointers.  When the structure
 * originates in userland, the kernel side has to copy the strings in with
 * a bounded copy and reject over-long input rather than dereference the
 * pointers directly - the copy-in code is not visible in this header.
 */
struct jail {
	uint32_t	version;	/* layout version; presumably validated by the kernel - confirm */
	char		*path;		/* caller-owned string; presumably the jail's root directory */
	char		*hostname;	/* caller-owned string; host name for the jail */
	uint32_t	ip_number;	/* 32 bits wide, so presumably one IPv4 address; byte order not stated here */
};
33 
34 #ifndef _KERNEL
35 
/*
 * Userland prototypes, visible only when _KERNEL is not defined.
 * jail() takes a struct jail description; jail_attach() takes an int,
 * presumably the id of an existing jail - confirm against the manual page.
 */
int jail(struct jail *);
int jail_attach(int);
38 
39 #else /* _KERNEL */
40 
41 #include <sys/varsym.h>
42 
#ifdef MALLOC_DECLARE
/*
 * Kernel malloc type, presumably used for struct prison allocations.
 * Declared only when the includer already has MALLOC_DECLARE available.
 */
MALLOC_DECLARE(M_PRISON);
#endif

/*
 * NOTE(review): presumably the largest jail id (pr_id) that may be
 * assigned - confirm at the use site.
 */
#define	JAIL_MAX	999999
48 
/*
 * This structure describes a prison.  It is pointed to by all struct
 * proc's of the inmates.  pr_ref keeps track of them and is used to
 * delete the structure when the last inmate is dead.
 *
 * NOTE(review): pr_ref is a plain int.  Whatever serialises updates to it
 * (and to pr_list) is not visible in this header - confirm in the
 * implementation, since an unbalanced or racy count means a leaked or
 * prematurely freed prison.
 */

struct prison {
	LIST_ENTRY(prison) pr_list;			/* all prisons */
	int		pr_id;				/* prison id */
	int		pr_ref;				/* reference count */
	struct namecache *pr_root;			/* namecache entry of root */
	/*
	 * Fixed-size buffer: any writer must truncate to MAXHOSTNAMELEN and
	 * keep the string NUL-terminated.
	 */
	char 		pr_host[MAXHOSTNAMELEN];	/* host name */
	uint32_t	pr_ip;				/* IP address (32 bits wide) */
	void		*pr_linux;			/* Linux ABI emulation (opaque here) */
	int		 pr_securelevel;		/* jail securelevel */
	struct varsymset pr_varsymset;			/* jail varsyms */
};
66 
/*
 * Sysctl-set variables that determine global jail policy.
 *
 * These are defined elsewhere; this header only declares them.  The
 * per-variable notes below are inferred from the names and should be
 * confirmed against the jail implementation.  Each one is a security
 * policy knob: changing it alters what jailed processes are permitted
 * to do, so changes belong in configuration review.
 */
extern int	jail_set_hostname_allowed;	/* presumably: jailed processes may change the jail host name */
extern int	jail_socket_unixiproute_only;	/* presumably: restrict jailed sockets to unix/IP/route domains */
extern int	jail_sysvipc_allowed;		/* presumably: jailed processes may use System V IPC */
extern int	jail_chflags_allowed;		/* presumably: jailed processes may change file flags */
74 
/*
 * Prison lifetime helpers; the definitions are not in this header.
 * NOTE(review): presumably prison_hold() takes a reference on pr_ref and
 * prison_free() drops one, destroying the prison when the last reference
 * goes away - confirm, and keep every hold paired with exactly one free.
 */
void	prison_hold(struct prison *);
void	prison_free(struct prison *);
77 
/*
 * Tell whether a credential is attached to a prison.
 *
 * Returns 1 when cred->cr_prison is set and 0 when it is NULL.
 * cred itself is dereferenced unconditionally, so callers must pass a
 * valid credential.
 */
static __inline int
jailed(struct ucred *cred)
{
	if (cred->cr_prison == NULL)
		return (0);
	return (1);
}
86 
87 #endif /* !_KERNEL */
88 #endif /* !_SYS_JAIL_H_ */