Date:      Fri, 9 Jun 2006 16:16:14 +0000
From:      Marko Zec <zec@icir.org>
To:        freebsd-arch@freebsd.org
Cc:        Alex Lyashkov <shadow@psoft.net>, Robert Watson <rwatson@freebsd.org>, Julian Elischer <julian@elischer.org>
Subject:   Re: jail extensions
Message-ID:  <200606091616.15042.zec@icir.org>
In-Reply-To: <44897693.5050306@elischer.org>
References:  <1149610678.4074.42.camel@berloga.shadowland> <1149786697.3222.91.camel@berloga.shadowland> <44897693.5050306@elischer.org>

On Friday 09 June 2006 13:24, Julian Elischer wrote:
> Alex Lyashkov wrote:
> >>2) In the MOD_LOAD case, run a loop over each prison and init private data for
> >>this module in all contexts. This way the module always 'exists' in all
> >>contexts,
> >>and disable module compiling (loading) when the module isn't marked jail
> >>safe.
> >
> >example for this way.
> >http://cvs.freevps.com/index.cgi/kernel/include/linux/freevps/s_context_xfrm.h?rev=1.3
> > http://cvs.freevps.com/index.cgi/kernel/net/ipv4/ah4.c?rev=1.3
> >ah4_init/ah4_fini functions.
>
> this is the bit that is obvious.
>
> The hard bit is the non-obvious difficulty of changing all existing
> modules in such a way that they can be compiled both in the new way,
> and in a way that they are still compiled to the old way.
>
> You need to put all the currently global variables into a structure that
> can be instantiated for each jail, but in order to make this continue to
> work in the existing system, they still need to be compiled as a global
> when the normal build is made.
>
> For this reason Marko and I were looking at various macros that can be
> defined to allow the variables to be compiled both ways.
>
> For example :
>
>
> int xx;
> static int yy;
> struct a {
>   int aa;
>   int bb;
> } cc;
>
> might become:
>
> VM_GLOBAL_START(modname)
>    int xx;
>    VMG_STATIC int yy;
>    struct a {
>      int aa;
>      int bb;
>    } cc;
>  VM_GLOBAL_STOP(modname)
>
>
> You would access these as:
>  VM_GLOBAL(modname, yy) = 2;
>  foobar( VM_GLOBAL_STRUCT(cc, modname)->bb);


One of the questions I have no answers to is what should we do with the 
"static" modifier semantics in a virtualized world order.  I.e. once the
virtualized symbols are placed in a structure generated by whatever macros we 
design, it will become difficult to efficiently discriminate between globally 
and locally visible parts of that structure...  

Marko
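
The dual-build macro idea from the quoted message, as an added example that is not part of the original e-mail or of any FreeBSD code. The macro names come from the message; their bodies, the `VIRTUALIZED` switch, `jail_state`, `cur_modname`, `set_jail` and the `mod_*` helpers are assumptions made for illustration.

```c
#include <stdio.h>
#define VIRTUALIZED 1  /* assumed build switch; 0 gives the classic build */

#if VIRTUALIZED  /* per-jail build: declarations become members of one struct */
#define VM_GLOBAL_START(mod)      struct vm_##mod {
#define VM_GLOBAL_STOP(mod)       };
#define VMG_STATIC                /* a struct member cannot be 'static' */
#define VM_GLOBAL(mod, v)         (cur_##mod->v)
#define VM_GLOBAL_STRUCT(v, mod)  (&cur_##mod->v)
#else            /* classic build: same source collapses to plain globals */
#define VM_GLOBAL_START(mod)
#define VM_GLOBAL_STOP(mod)
#define VMG_STATIC                static
#define VM_GLOBAL(mod, v)         (v)
#define VM_GLOBAL_STRUCT(v, mod)  (&(v))
#endif

VM_GLOBAL_START(modname)
    int xx;
    VMG_STATIC int yy;
    struct a {
        int aa;
        int bb;
    } cc;
VM_GLOBAL_STOP(modname)

#if VIRTUALIZED
static struct vm_modname jail_state[2];                 /* one instance per jail */
static struct vm_modname *cur_modname = &jail_state[0]; /* current context */
static void set_jail(int j) { cur_modname = &jail_state[j]; }
#else
static void set_jail(int j) { (void)j; }                /* one shared instance */
#endif

/* Module code is written once and compiles in either mode. */
static void mod_set(int jail, int y, int b)
{
    set_jail(jail);
    VM_GLOBAL(modname, yy) = y;
    VM_GLOBAL_STRUCT(cc, modname)->bb = b;
}
static int mod_get_yy(int jail) { set_jail(jail); return VM_GLOBAL(modname, yy); }
static int mod_get_bb(int jail) { set_jail(jail); return VM_GLOBAL_STRUCT(cc, modname)->bb; }

int main(void) {
    mod_set(0, 2, 7);
    mod_set(1, 5, 9);
    printf("jail0 yy=%d, jail1 yy=%d\n", mod_get_yy(0), mod_get_yy(1));
    return 0;
}
```

In the per-jail build `VMG_STATIC` has to expand to nothing, so `yy` is reachable by any code that can see `struct vm_modname`, which is the loss of `static` visibility the reply asks about.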


