[Bug 272706] procstat(1): procstat vm in jails shows host paths of binaries and shared libraries from outside prison

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 25 Jul 2023 17:36:25 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272706

--- Comment #5 from Andrew "RhodiumToad" Gierth <andrew@tao11.riddles.org.uk> ---
(In reply to Andrew "RhodiumToad" Gierth from comment #4)

I've confirmed my analysis this far: vn_fullpath is being called with vp
pointing to a physical filesystem vnode (i.e. not the nullfs node on the upper
layer, but the lower layer vnode backing it). Accordingly, since in general the
lower vnode is somewhere outside the jail root, the traverse of parent dirs
never hits the process root directory, so the full path is shown.

Most other uses of vn_fullpath will be starting from the upper-level vnode (for
example, because they just looked up a filename, or they have an open file,
etc.), and in this case, the code seems to correctly traverse the upper layer
and end at the process root dir. What I don't know is why the vm_object is
apparently referencing the lower vnode rather than the upper one.

-- 
You are receiving this mail because:
You are the assignee for the bug.