Hi Gleb, > On Jan 14, 2023, at 3:39 AM, Gleb Smirnoff <gleb...@freebsd.org> wrote: > > Zhenlei, > > a couple concise assignments missed: > > Z> @@ -1876,15 +1871,15 @@ kern_jail_set(struct thread *td, struct uio > *optuio, int flags) > Z> continue; > Z> } > Z> #endif > Z> - if (prison_ip_restrict(tpr, PR_INET, NULL)) { > Z> - redo_ip4 = 1; > Z> + if (!prison_ip_restrict(tpr, PR_INET, NULL)) { > Z> + redo_ip4 = true; > Z> descend = 0; > Z> } > Z> } > Z> } > > redo_ip4 = !prison_ip_restrict(tpr, PR_INET, NULL);
I think that is wrong, as `prison_ip_restrict` is called in loop round. `redo_ip4` might flip to false on next round. So the previous logic is right. > + redo_ip4 = !prison_ip_restrict(tpr, PR_INET, &ip4); Should be `redo_ip4 |= !prison_ip_restrict(tpr, PR_INET, &ip4);` > > Z> @@ -1896,8 +1891,8 @@ kern_jail_set(struct thread *td, struct uio *optuio, > int flags) > Z> continue; > Z> } > Z> #endif > Z> - if (prison_ip_restrict(tpr, PR_INET6, NULL)) { > Z> - redo_ip6 = 1; > Z> + if (!prison_ip_restrict(tpr, PR_INET6, NULL)) { > Z> + redo_ip6 = true; > Z> descend = 0; > Z> } > Z> } > > redo_ip6 = !prison_ip_restrict(tpr, PR_INET6, NULL); > > -- > Gleb Smirnoff PS, the logic redo_ip4 / redo_ip6 under low memory pressure can be optimized and I'll do that later. Best regards, Zhenlei
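Review bot: In the first hunk (@@ -1876), the added test `if (!prison_ip_restrict(tpr, PR_INET, NULL))` inverts the sense of the removed one, so the meaning of the function's return value has changed, and nothing in the visible lines says what a true result now stands for. A short comment at the call, or at the function's definition, stating which outcome requests the redo would keep this readable. The `if` form should also stay as it is: the body sets `descend = 0` as well as `redo_ip4 = true`, and a plain `redo_ip4 = !prison_ip_restrict(...)` would drop the `descend` update and could clear a flag that an earlier pass of the loop had set.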
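Review bot: In the second hunk (@@ -1896), `redo_ip6 = true` now sits directly above `descend = 0`, so the block mixes a boolean literal with an integer literal for what reads like two flags. If `descend` is also only used as a flag, convert it in the same change or note that it is left for a follow-up. The PR_INET6 block repeats the PR_INET one line for line, so any correction to the flag handling in one has to be applied to both.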