jail: simplify EVFILT_JAIL events
Instead of using the EVFILT_PROC model of attempting to automatically register new events when a child jail is created, just give a single event when a child jail is created. As was already done with jail attach events, make a best-effort report of the added jail's id in kn_data. If the are multiple NOTE_JAIL_CHILD and/or NOTE_JAIL_ATTACH events, set the NOTE_JAIL_MULTI flag, and don't report anything in data, indicating that the caller will need to query the system state on their own. MFC after: 3 days
This commit is contained in:
+15
-26
@@ -22,7 +22,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd September 4, 2025
|
||||
.Dd September 11, 2025
|
||||
.Dt KQUEUE 2
|
||||
.Os
|
||||
.Sh NAME
|
||||
@@ -614,41 +614,30 @@ The process ID will be stored in
|
||||
If more than one process has attached since the last call to
|
||||
.Fn kevent ,
|
||||
.Va data
|
||||
will contain the most recently attached process ID,
|
||||
with
|
||||
.Dv NOTE_JAIL_ATTACH_MULTI
|
||||
set in
|
||||
.Va fflags .
|
||||
will be zero.
|
||||
.It Dv NOTE_JAIL_REMOVE
|
||||
The jail has been removed.
|
||||
.It Dv NOTE_JAIL_CHILD
|
||||
A child of the watched jail has been created.
|
||||
.It Dv NOTE_TRACK
|
||||
Follow child jails created under this jail.
|
||||
Register a new kevent to monitor the child jail using the same
|
||||
.Va fflags
|
||||
as the original event.
|
||||
The child jail will signal an event with
|
||||
.Dv NOTE_CHILD
|
||||
set in
|
||||
.Va fflags
|
||||
and the parent JID in
|
||||
Its jail ID will be stored in
|
||||
.Va data .
|
||||
.Pp
|
||||
If registering a new kevent fails
|
||||
.Pq usually due to resource limitations ,
|
||||
it will signal an event with
|
||||
.Dv NOTE_TRACKERR
|
||||
set in
|
||||
.Va fflags ,
|
||||
and the child jail will not signal a
|
||||
.Dv NOTE_CHILD
|
||||
event.
|
||||
If more than one jail has been created since the last call to
|
||||
.Fn kevent ,
|
||||
.Va data
|
||||
will be zero.
|
||||
.El
|
||||
.Pp
|
||||
On return,
|
||||
.Va fflags
|
||||
contains the events which triggered the filter.
|
||||
It will also contain
|
||||
.Dv NOTE_JAIL_MULTI
|
||||
if more than one
|
||||
.Dv NOTE_JAIL_ATTACH
|
||||
or
|
||||
.Dv NOTE_JAIL_CHILD
|
||||
event has been received since the last call to
|
||||
.Fn kevent .
|
||||
.It Dv EVFILT_TIMER
|
||||
Establishes an arbitrary timer identified by
|
||||
.Va ident .
|
||||
|
||||
Reference in New Issue
Block a user