From nobody@FreeBSD.org  Thu Sep 30 16:35:56 2010
Message-Id: <201009301635.o8UGZuTg014701@www.freebsd.org>
Date: Thu, 30 Sep 2010 16:35:56 GMT
From: Alexey Samoylov <sav@ecom24.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: gif inet tunnel addresses are not hidden in jail
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         151119
>Category:       kern
>Synopsis:       gif inet tunnel addresses are not hidden in jail
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bz
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 30 16:40:02 UTC 2010
>Closed-Date:    Sat Apr 09 10:37:16 UTC 2011
>Last-Modified:  Sat Apr  9 10:40:07 UTC 2011
>Originator:     Alexey Samoylov
>Release:        8.0-RELEASE-p2
>Organization:
E-Commerce LLC
>Environment:
FreeBSD test 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #3: Wed Mar 31 11:49:24 CEST 2010     root@neo.vx.sk:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
ifconfig in a jail displays the inet tunnel settings of a gif interface, even though the gif interface does not belong to the jail:

# ifconfig gif0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet A.A.A.A --> B.B.B.B
        options=1<ACCEPT_REV_ETHIP_VER>


>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Thu Sep 30 18:35:15 UTC 2010 
State-Changed-Why:  
This had been fixed recently in 8-stable. It will not be part of the
release you are running, so please upgrade to 8-stable if this is a
requirement for you.

http://www.freebsd.org/cgi/query-pr.cgi?pr=151119 
State-Changed-From-To: closed->feedback 
State-Changed-By: bz 
State-Changed-When: Sat Dec 18 12:45:21 UTC 2010 
State-Changed-Why:  
I am not sure, or rather I cannot find the commit that fixed it. 


Responsible-Changed-From-To: freebsd-bugs->bz 
Responsible-Changed-By: bz 
Responsible-Changed-When: Sat Dec 18 12:45:21 UTC 2010 
Responsible-Changed-Why:  
Take.  I am not sure why it's not assigned to remko. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=151119 

From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: bug-followup@FreeBSD.org, sav@ecom24.ru
Cc: Remko Lodder <remko@freebsd.org>
Subject: Re: kern/151119: gif inet tunnel addresses are not hidden in jail
Date: Sat, 18 Dec 2010 12:49:24 +0000 (UTC)

 Hi,
 
 I am not sure why remko thought it was fixed in stable/8 lately.  I
 thought it was myself actually but I cannot find the commit.  Can you
 please try this patch (at your own risk, as I have no clue about the
 state of it anymore) and report back?
 
 http://people.freebsd.org/~bz/20100318-01-gif-outside-addrs-jail-hide.diff
 
 /bz
 
 -- 
 Bjoern A. Zeeb                              Welcome a new stage of life.
          <ks> Going to jail sucks -- <bz> All my daemons like it!
    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails.html

From: Piotr KUCHARSKI <nospam@42.pl>
To: bug-followup@FreeBSD.org, bz@FreeBSD.org
Cc:  
Subject: Re: kern/151119: gif inet tunnel addresses are not hidden in jail
Date: Sun, 27 Feb 2011 02:42:15 +0100

 I've applied your patch and it works (only a few hours running, though).
 
 There was one unexpected (to me) thing there, but once I thought it
 over, I like it.
 
 In the ezjail config I had (a.b.c.d is the jail's public, external IP):
 export jail_jail_ip="a.b.c.d,172.16.0.26"
 and that's what I saw inside jail:
 
 gif4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
         inet 172.16.0.26 --> 172.16.0.25 netmask 0xfffffffe 
         options=1<ACCEPT_REV_ETHIP_VER>
 
 while I was expecting:
 
 gif4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
         tunnel inet a.b.c.d --> e.f.g.h
         inet 172.16.0.26 --> 172.16.0.25 netmask 0xfffffffe 
         options=1<ACCEPT_REV_ETHIP_VER>
 
 I tried and added e.f.g.h IP to jail_jail_ip and restarted jail,
 and the "tunnel inet" line appeared.
 
 Which is awesome, because you can create tunnels and expose only
 private inet IPs, and tunnels work from inside the jail without
 revealing public IPs of the tunnel... which is exactly how I'm
 going to use it.
 
 Thanks and please commit. :)
 

From: Piotr KUCHARSKI <nospam@42.pl>
To: bug-followup@FreeBSD.org, bz@FreeBSD.org
Cc:  
Subject: Re: kern/151119: gif inet tunnel addresses are not hidden in jail
Date: Sun, 27 Feb 2011 03:14:19 +0100

 I forgot to add that in other jails IPs are completely hidden,
 as expected and desired:
 
 # jexec 4 ifconfig gif4
 gif4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
         options=1<ACCEPT_REV_ETHIP_VER>
 #
 
 Thanks!
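
A defender-side check for the behaviour described in the two reports above, added here as an example and not code from the PR, the patch, or FreeBSD: it parses ifconfig output captured inside a jail and lists tunnel endpoints the jail does not own, so the fix can be verified per jail. The sample output and jail address list are constructed, modelled on the gif4 output above with the a.b.c.d / e.f.g.h placeholders replaced by RFC 5737 documentation addresses.

```python
import ipaddress
import re

# Constructed sample (not the reporter's real data): `ifconfig gif4` as seen
# inside the jail, with a.b.c.d / e.f.g.h replaced by RFC 5737 documentation
# addresses. The jail owns its public IP and the inner tunnel address only.
SAMPLE_JAIL_IPS = ["192.0.2.10", "172.16.0.26"]

SAMPLE_BEFORE_FIX = """\
gif4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
        tunnel inet 192.0.2.10 --> 198.51.100.7
        inet 172.16.0.26 --> 172.16.0.25 netmask 0xfffffffe
        options=1<ACCEPT_REV_ETHIP_VER>
"""

SAMPLE_AFTER_FIX = """\
gif4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
        inet 172.16.0.26 --> 172.16.0.25 netmask 0xfffffffe
        options=1<ACCEPT_REV_ETHIP_VER>
"""

_IFACE_RE = re.compile(r"^(\S+): flags=")
_TUNNEL_RE = re.compile(r"^\s+tunnel inet6? (\S+) --> (\S+)")


def tunnel_endpoints(ifconfig_output):
    """Map each interface name to the outer (tunnel) endpoints it reports."""
    result = {}
    current = None
    for line in ifconfig_output.splitlines():
        m = _IFACE_RE.match(line)
        if m:
            current = m.group(1)
            result[current] = []
            continue
        m = _TUNNEL_RE.match(line)
        if m and current is not None:
            # drop a %scope suffix on IPv6 link-local endpoints
            result[current].extend(a.split("%")[0] for a in m.groups())
    return result


def tunnel_leaks(ifconfig_output, jail_ips):
    """Return {iface: [endpoints]} for outer endpoints the jail does not own.

    Same rule the kernel fix enforces via prison_if(): every outer endpoint
    must belong to the jail, otherwise the tunnel line must not be shown.
    """
    allowed = {ipaddress.ip_address(a) for a in jail_ips}
    leaks = {}
    for iface, endpoints in tunnel_endpoints(ifconfig_output).items():
        bad = [e for e in endpoints if ipaddress.ip_address(e) not in allowed]
        if bad:
            leaks[iface] = bad
    return leaks
```

Run it against `jexec <jid> ifconfig` output and the jail's address list from `jls`; an empty result for every jail means no outer endpoint is exposed.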
State-Changed-From-To: feedback->patched 
State-Changed-By: bz 
State-Changed-When: Wed Mar 2 21:39:55 UTC 2011 
State-Changed-Why:  
Changes committed to HEAD; MFC timer set. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=151119 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/151119: commit references a PR
Date: Wed,  2 Mar 2011 21:39:22 +0000 (UTC)

 Author: bz
 Date: Wed Mar  2 21:39:08 2011
 New Revision: 219206
 URL: http://svn.freebsd.org/changeset/base/219206
 
 Log:
   Hide the outer IP addresses of tunnel interfaces (gif(4), gre(4))
   from processes inside jails if the addresses do not belong to the jail.
   
   Originally reported by: Pieter de Boer via remko
   PR:		kern/151119
   Tested by:	Piotr KUCHARSKI (nospam 42.pl) [gif]
   MFC after:	1 week
 
 Modified:
   head/sys/net/if_gif.c
   head/sys/net/if_gre.c
 
 Modified: head/sys/net/if_gif.c
 ==============================================================================
 --- head/sys/net/if_gif.c	Wed Mar  2 20:08:52 2011	(r219205)
 +++ head/sys/net/if_gif.c	Wed Mar  2 21:39:08 2011	(r219206)
 @@ -35,6 +35,7 @@
  
  #include <sys/param.h>
  #include <sys/systm.h>
 +#include <sys/jail.h>
  #include <sys/kernel.h>
  #include <sys/malloc.h>
  #include <sys/mbuf.h>
 @@ -817,6 +818,12 @@ gif_ioctl(ifp, cmd, data)
  		}
  		if (src->sa_len > size)
  			return EINVAL;
 +		error = prison_if(curthread->td_ucred, src);
 +		if (error != 0)
 +			return (error);
 +		error = prison_if(curthread->td_ucred, dst);
 +		if (error != 0)
 +			return (error);
  		bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
  #ifdef INET6
  		if (dst->sa_family == AF_INET6) {
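Review bot: the second prison_if() in this gif_ioctl hunk checks the wrong object: `dst` here is the buffer that the following `bcopy((caddr_t)src, (caddr_t)dst, src->sa_len)` fills (the caller's ifreq/in6_ifreq address field, whose sa_family is only examined after the copy), not the tunnel's remote endpoint, so `prison_if(curthread->td_ucred, dst)` inspects caller-supplied memory and protects nothing; keep only the check on `src`, the stored endpoint being copied out. Also, gre(4) below needed separate hunks for its source and destination getters while gif(4) gets a single one; if SIOCGIFPDSTADDR copies `sc->gif_pdst` through the same src/dst/size pattern it needs the same `prison_if()` on its stored endpoint, otherwise the remote address is still reported inside the jail.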
 
 Modified: head/sys/net/if_gre.c
 ==============================================================================
 --- head/sys/net/if_gre.c	Wed Mar  2 20:08:52 2011	(r219205)
 +++ head/sys/net/if_gre.c	Wed Mar  2 21:39:08 2011	(r219206)
 @@ -46,6 +46,7 @@
  #include "opt_inet6.h"
  
  #include <sys/param.h>
 +#include <sys/jail.h>
  #include <sys/kernel.h>
  #include <sys/malloc.h>
  #include <sys/module.h>
 @@ -636,6 +637,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
  		sa = sintosa(&si);
 +		error = prison_if(curthread->td_ucred, sa);
 +		if (error != 0)
 +			break;
  		ifr->ifr_addr = *sa;
  		break;
  	case GREGADDRD:
 @@ -644,6 +648,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
  		sa = sintosa(&si);
 +		error = prison_if(curthread->td_ucred, sa);
 +		if (error != 0)
 +			break;
  		ifr->ifr_addr = *sa;
  		break;
  	case SIOCSIFPHYADDR:
 @@ -707,8 +714,14 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		memcpy(&lifr->addr, &si, sizeof(si));
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		memcpy(&lifr->dstaddr, &si, sizeof(si));
  		break;
  	case SIOCGIFPSRCADDR:
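Review bot: in the SIOCGLIFPHYADDR hunk the source endpoint is copied into `lifr->addr` before `g_dst` is checked, so when `g_src` belongs to the jail and `g_dst` does not, the request fails with `lifr->addr` already populated; do both `prison_if()` calls first and only then the two `memcpy()`s, which also matches the check-then-copy order of the gif_ioctl hunk.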
 @@ -723,6 +736,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
  		break;
  	case SIOCGIFPDSTADDR:
 @@ -737,6 +753,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
  		break;
  	case GRESKEY:
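Review bot: this is the fourth copy in gre_ioctl of the same fill-`si`, `prison_if()`, copy-out sequence (GREGADDRS, GREGADDRD, SIOCGIFPSRCADDR and here SIOCGIFPDSTADDR); a small static helper that builds the sockaddr_in for `g_src` or `g_dst` and runs the jail check would remove the duplication and make it harder for a future getter to skip the check.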
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/151119: commit references a PR
Date: Sat,  9 Apr 2011 10:22:37 +0000 (UTC)

 Author: bz
 Date: Sat Apr  9 10:22:18 2011
 New Revision: 220477
 URL: http://svn.freebsd.org/changeset/base/220477
 
 Log:
   MFC r219206:
   
     Hide the outer IP addresses of tunnel interfaces (gif(4), gre(4))
     from processes inside jails if the addresses do not belong to the jail.
   
     Originally reported by: Pieter de Boer via remko
     Tested by:	Piotr KUCHARSKI (nospam 42.pl) [gif]
   PR:		kern/151119
 
 Modified:
   stable/7/sys/net/if_gif.c
   stable/7/sys/net/if_gre.c
 Directory Properties:
   stable/7/sys/   (props changed)
   stable/7/sys/cddl/contrib/opensolaris/   (props changed)
   stable/7/sys/contrib/dev/acpica/   (props changed)
   stable/7/sys/contrib/pf/   (props changed)
 
 Modified: stable/7/sys/net/if_gif.c
 ==============================================================================
 --- stable/7/sys/net/if_gif.c	Sat Apr  9 10:19:25 2011	(r220476)
 +++ stable/7/sys/net/if_gif.c	Sat Apr  9 10:22:18 2011	(r220477)
 @@ -36,6 +36,7 @@
  
  #include <sys/param.h>
  #include <sys/systm.h>
 +#include <sys/jail.h>
  #include <sys/kernel.h>
  #include <sys/malloc.h>
  #include <sys/mbuf.h>
 @@ -811,6 +812,12 @@ gif_ioctl(ifp, cmd, data)
  		}
  		if (src->sa_len > size)
  			return EINVAL;
 +		error = prison_if(curthread->td_ucred, src);
 +		if (error != 0)
 +			return (error);
 +		error = prison_if(curthread->td_ucred, dst);
 +		if (error != 0)
 +			return (error);
  		bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
  #ifdef INET6
  		if (dst->sa_family == AF_INET6) {
 
 Modified: stable/7/sys/net/if_gre.c
 ==============================================================================
 --- stable/7/sys/net/if_gre.c	Sat Apr  9 10:19:25 2011	(r220476)
 +++ stable/7/sys/net/if_gre.c	Sat Apr  9 10:22:18 2011	(r220477)
 @@ -53,6 +53,7 @@
  #include "opt_inet6.h"
  
  #include <sys/param.h>
 +#include <sys/jail.h>
  #include <sys/kernel.h>
  #include <sys/malloc.h>
  #include <sys/module.h>
 @@ -642,6 +643,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
  		sa = sintosa(&si);
 +		error = prison_if(curthread->td_ucred, sa);
 +		if (error != 0)
 +			break;
  		ifr->ifr_addr = *sa;
  		break;
  	case GREGADDRD:
 @@ -650,6 +654,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
  		sa = sintosa(&si);
 +		error = prison_if(curthread->td_ucred, sa);
 +		if (error != 0)
 +			break;
  		ifr->ifr_addr = *sa;
  		break;
  	case SIOCSIFPHYADDR:
 @@ -713,8 +720,14 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		memcpy(&lifr->addr, &si, sizeof(si));
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		memcpy(&lifr->dstaddr, &si, sizeof(si));
  		break;
  	case SIOCGIFPSRCADDR:
 @@ -729,6 +742,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
  		break;
  	case SIOCGIFPDSTADDR:
 @@ -743,6 +759,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
  		break;
  	case GRESKEY:
 
State-Changed-From-To: patched->closed 
State-Changed-By: bz 
State-Changed-When: Sat Apr 9 10:36:35 UTC 2011 
State-Changed-Why:  
Merged to stable/8 and 7. Thanks a lot for reporting.

http://www.freebsd.org/cgi/query-pr.cgi?pr=151119 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/151119: commit references a PR
Date: Sat,  9 Apr 2011 10:36:47 +0000 (UTC)

 Author: bz
 Date: Sat Apr  9 10:36:33 2011
 New Revision: 220478
 URL: http://svn.freebsd.org/changeset/base/220478
 
 Log:
   MFC r219206:
   
     Hide the outer IP addresses of tunnel interfaces (gif(4), gre(4))
     from processes inside jails if the addresses do not belong to the jail.
   
     Originally reported by: Pieter de Boer via remko
     Tested by:	Piotr KUCHARSKI (nospam 42.pl) [gif]
   PR:		kern/151119
 
 Modified:
   stable/8/sys/net/if_gif.c
   stable/8/sys/net/if_gre.c
 Directory Properties:
   stable/8/sys/   (props changed)
   stable/8/sys/amd64/include/xen/   (props changed)
   stable/8/sys/cddl/contrib/opensolaris/   (props changed)
   stable/8/sys/contrib/dev/acpica/   (props changed)
   stable/8/sys/contrib/pf/   (props changed)
 
 Modified: stable/8/sys/net/if_gif.c
 ==============================================================================
 --- stable/8/sys/net/if_gif.c	Sat Apr  9 10:22:18 2011	(r220477)
 +++ stable/8/sys/net/if_gif.c	Sat Apr  9 10:36:33 2011	(r220478)
 @@ -35,6 +35,7 @@
  
  #include <sys/param.h>
  #include <sys/systm.h>
 +#include <sys/jail.h>
  #include <sys/kernel.h>
  #include <sys/malloc.h>
  #include <sys/mbuf.h>
 @@ -817,6 +818,12 @@ gif_ioctl(ifp, cmd, data)
  		}
  		if (src->sa_len > size)
  			return EINVAL;
 +		error = prison_if(curthread->td_ucred, src);
 +		if (error != 0)
 +			return (error);
 +		error = prison_if(curthread->td_ucred, dst);
 +		if (error != 0)
 +			return (error);
  		bcopy((caddr_t)src, (caddr_t)dst, src->sa_len);
  #ifdef INET6
  		if (dst->sa_family == AF_INET6) {
 
 Modified: stable/8/sys/net/if_gre.c
 ==============================================================================
 --- stable/8/sys/net/if_gre.c	Sat Apr  9 10:22:18 2011	(r220477)
 +++ stable/8/sys/net/if_gre.c	Sat Apr  9 10:36:33 2011	(r220478)
 @@ -53,6 +53,7 @@
  #include "opt_inet6.h"
  
  #include <sys/param.h>
 +#include <sys/jail.h>
  #include <sys/kernel.h>
  #include <sys/malloc.h>
  #include <sys/module.h>
 @@ -643,6 +644,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
  		sa = sintosa(&si);
 +		error = prison_if(curthread->td_ucred, sa);
 +		if (error != 0)
 +			break;
  		ifr->ifr_addr = *sa;
  		break;
  	case GREGADDRD:
 @@ -651,6 +655,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
  		sa = sintosa(&si);
 +		error = prison_if(curthread->td_ucred, sa);
 +		if (error != 0)
 +			break;
  		ifr->ifr_addr = *sa;
  		break;
  	case SIOCSIFPHYADDR:
 @@ -714,8 +721,14 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		memcpy(&lifr->addr, &si, sizeof(si));
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		memcpy(&lifr->dstaddr, &si, sizeof(si));
  		break;
  	case SIOCGIFPSRCADDR:
 @@ -730,6 +743,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_src.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
  		break;
  	case SIOCGIFPDSTADDR:
 @@ -744,6 +760,9 @@ gre_ioctl(struct ifnet *ifp, u_long cmd,
  		si.sin_family = AF_INET;
  		si.sin_len = sizeof(struct sockaddr_in);
  		si.sin_addr.s_addr = sc->g_dst.s_addr;
 +		error = prison_if(curthread->td_ucred, (struct sockaddr *)&si);
 +		if (error != 0)
 +			break;
  		bcopy(&si, &ifr->ifr_addr, sizeof(ifr->ifr_addr));
  		break;
  	case GRESKEY:
 
>Unformatted:
