Add a version number field to the jail(2) argument so that future changes

can be handled intelligently.

3 files changed, 20 insertions, 6 deletions

diff --git a/lib/libc/sys/jail.2 b/lib/libc/sys/jail.2
index 7ff8dce..00aae7e 100644
--- a/lib/libc/sys/jail.2
+++ b/lib/libc/sys/jail.2
@@ -28,12 +28,16 @@ system call sets up a jail and locks the current process in it.
 The argument is a pointer to a structure describing the prison:
 .Bd -literal -offset indent
 struct jail {
-        char *path;
-        char *hostname;
-        u_int32_t ip_number;
+	u_int32_t	version;
+        char 		*path;
+        char 		*hostname;
+        u_int32_t	ip_number;
 };
 .Ed
 .Pp
+.Dq Li version
+defines the version of the API in use.  It should be set to zero at this time.
+.Pp
 The
 .Dq Li path
 pointer should be set to the directory which is to be the root of the
@@ -70,6 +74,13 @@ it will show a field near the end of the line, either as
 a single hyphen for a process at large, or the hostname currently
 set for the prison for jailed processes.
 .Sh ERRORS
+.Fn jail
+will fail if:
+.Bl -tag -width EWOULDBLOCK
+.It Bq Er EINVAL
+The version number of the argument is not correct.
+.El
+Further
 .Fn Jail
 calls
 .Xr chroot 2
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 16fd048..266cd5e 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -43,6 +43,8 @@ jail(p, uap)
 	error = copyin(uap->jail, &j, sizeof j);
 	if (error)
 		return (error);
+	if (j.version != 0)
+		return (EINVAL);
 	MALLOC(pr, struct prison *, sizeof *pr , M_PRISON, M_WAITOK);
 	bzero((caddr_t)pr, sizeof *pr);
 	error = copyinstr(j.hostname, &pr->pr_host, sizeof pr->pr_host, 0);
diff --git a/sys/sys/jail.h b/sys/sys/jail.h
index 560f4b8..8780967 100644
--- a/sys/sys/jail.h
+++ b/sys/sys/jail.h
@@ -14,9 +14,10 @@
 #define _SYS_JAIL_H_
 
 struct jail {
-	char *path;
-	char *hostname;
-	u_int32_t ip_number;
+	u_int32_t	version;
+	char		*path;
+	char		*hostname;
+	u_int32_t	ip_number;
 };
 
 #ifndef KERNEL