jail: convert several functions from int to bool

these functions exclusively return (0) and (1), so convert them to bool

We also convert some networking related jail functions from int to bool
some of which were returning an error that was never used.

Differential Revision: https://reviews.freebsd.org/D29659
Reviewed by: imp, jamie (earlier version)
Pull Request: freebsd/freebsd-src#663

sys/kern/kern_jail.c

@@ -2812,14 +2812,19 @@ prison_find_name(struct prison *mypr, const char *name)
  * PR_IP4 and PR_IP6), or only the single bit is examined, without regard
  * to any other prison data.
  */
-int
+bool
 prison_flag(struct ucred *cred, unsigned flag)
 {
 
-	return (cred->cr_prison->pr_flags & flag);
+	return ((cred->cr_prison->pr_flags & flag) != 0);
 }
 
-int
+/*
+ * See if a prison has the specific allow flag set.
+ * The prison *should* be locked, or only a single bit is examined, without
+ * regard to any other prison data.
+ */
+bool
 prison_allow(struct ucred *cred, unsigned flag)
 {
 
@@ -3547,16 +3552,16 @@ prison_check_nfsd(struct ucred *cred)
 }
 
 /*
- * Return 1 if p2 is a child of p1, otherwise 0.
+ * Return true if p2 is a child of p1, otherwise false.
  */
-int
+bool
 prison_ischild(struct prison *pr1, struct prison *pr2)
 {
 
 	for (pr2 = pr2->pr_parent; pr2 != NULL; pr2 = pr2->pr_parent)
 		if (pr1 == pr2)
-			return (1);
-	return (0);
+			return (true);
+	return (false);
 }
 
 /*
@@ -3591,21 +3596,21 @@ prison_isvalid(struct prison *pr)
 }
 
 /*
- * Return 1 if the passed credential is in a jail and that jail does not
- * have its own virtual network stack, otherwise 0.
+ * Return true if the passed credential is in a jail and that jail does not
+ * have its own virtual network stack, otherwise false.
  */
-int
+bool
 jailed_without_vnet(struct ucred *cred)
 {
 
 	if (!jailed(cred))
-		return (0);
+		return (false);
 #ifdef VIMAGE
 	if (prison_owns_vnet(cred))
-		return (0);
+		return (false);
 #endif
 
-	return (1);
+	return (true);
 }
 
 /*
@@ -3667,17 +3672,17 @@ getjailname(struct ucred *cred, char *name, size_t len)
  * Determine whether the prison represented by cred owns
  * its vnet rather than having it inherited.
  *
- * Returns 1 in case the prison owns the vnet, 0 otherwise.
+ * Returns true in case the prison owns the vnet, false otherwise.
  */
-int
+bool
 prison_owns_vnet(struct ucred *cred)
 {
 
 	/*
 	 * vnets cannot be added/removed after jail creation,
 	 * so no need to lock here.
 	 */
-	return (cred->cr_prison->pr_flags & PR_VNET ? 1 : 0);
+	return ((cred->cr_prison->pr_flags & PR_VNET) != 0);
 }
 #endif
 

sys/netinet/in_jail.c

@@ -144,49 +144,47 @@ prison_get_ip4(struct ucred *cred, struct in_addr *ia)
 }
 
 /*
- * Return 1 if we should do proper source address selection or are not jailed.
- * We will return 0 if we should bypass source address selection in favour
+ * Return true if we should do proper source address selection or are not jailed.
+ * We will return false if we should bypass source address selection in favour
  * of the primary jail IPv4 address. Only in this case *ia will be updated and
  * returned in NBO.
- * Return EAFNOSUPPORT, in case this jail does not allow IPv4.
+ * Return true, even in case this jail does not allow IPv4.
  */
-int
+bool
 prison_saddrsel_ip4(struct ucred *cred, struct in_addr *ia)
 {
 	struct prison *pr;
 	struct in_addr lia;
-	int error;
 
 	KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
 	KASSERT(ia != NULL, ("%s: ia is NULL", __func__));
 
 	if (!jailed(cred))
-		return (1);
+		return (true);
 
 	pr = cred->cr_prison;
 	if (pr->pr_flags & PR_IP4_SADDRSEL)
-		return (1);
+		return (true);
 
 	lia.s_addr = INADDR_ANY;
-	error = prison_get_ip4(cred, &lia);
-	if (error)
-		return (error);
+	if (prison_get_ip4(cred, &lia) != 0)
+		return (true);
 	if (lia.s_addr == INADDR_ANY)
-		return (1);
+		return (true);
 
 	ia->s_addr = lia.s_addr;
-	return (0);
+	return (false);
 }
 
 /*
  * Return true if pr1 and pr2 have the same IPv4 address restrictions.
  */
-int
+bool
 prison_equal_ip4(struct prison *pr1, struct prison *pr2)
 {
 
 	if (pr1 == pr2)
-		return (1);
+		return (true);
 
 	/*
 	 * No need to lock since the PR_IP4_USER flag can't be altered for

sys/netinet6/in6_jail.c

@@ -133,49 +133,47 @@ prison_get_ip6(struct ucred *cred, struct in6_addr *ia6)
 }
 
 /*
- * Return 1 if we should do proper source address selection or are not jailed.
- * We will return 0 if we should bypass source address selection in favour
+ * Return true if we should do proper source address selection or are not jailed.
+ * We will return false if we should bypass source address selection in favour
  * of the primary jail IPv6 address. Only in this case *ia will be updated and
  * returned in NBO.
- * Return EAFNOSUPPORT, in case this jail does not allow IPv6.
+ * Return true, even in case this jail does not allow IPv6.
  */
-int
+bool
 prison_saddrsel_ip6(struct ucred *cred, struct in6_addr *ia6)
 {
 	struct prison *pr;
 	struct in6_addr lia6;
-	int error;
 
 	KASSERT(cred != NULL, ("%s: cred is NULL", __func__));
 	KASSERT(ia6 != NULL, ("%s: ia6 is NULL", __func__));
 
 	if (!jailed(cred))
-		return (1);
+		return (true);
 
 	pr = cred->cr_prison;
 	if (pr->pr_flags & PR_IP6_SADDRSEL)
-		return (1);
+		return (true);
 
 	lia6 = in6addr_any;
-	error = prison_get_ip6(cred, &lia6);
-	if (error)
-		return (error);
+	if (prison_get_ip6(cred, &lia6) != 0)
+		return (true);
 	if (IN6_IS_ADDR_UNSPECIFIED(&lia6))
-		return (1);
+		return (true);
 
 	bcopy(&lia6, ia6, sizeof(struct in6_addr));
-	return (0);
+	return (false);
 }
 
 /*
  * Return true if pr1 and pr2 have the same IPv6 address restrictions.
  */
-int
+bool
 prison_equal_ip6(struct prison *pr1, struct prison *pr2)
 {
 
 	if (pr1 == pr2)
-		return (1);
+		return (true);
 
 	while (pr1 != &prison0 &&
 #ifdef VIMAGE

sys/sys/jail.h

@@ -413,24 +413,24 @@ struct vfsconf;
  */
 #define jailed(cred)	(cred->cr_prison != &prison0)
 
-int jailed_without_vnet(struct ucred *);
+bool jailed_without_vnet(struct ucred *);
 void getcredhostname(struct ucred *, char *, size_t);
 void getcreddomainname(struct ucred *, char *, size_t);
 void getcredhostuuid(struct ucred *, char *, size_t);
 void getcredhostid(struct ucred *, unsigned long *);
 void getjailname(struct ucred *cred, char *name, size_t len);
 void prison0_init(void);
-int prison_allow(struct ucred *, unsigned);
+bool prison_allow(struct ucred *, unsigned);
 int prison_check(struct ucred *cred1, struct ucred *cred2);
 bool prison_check_nfsd(struct ucred *cred);
-int prison_owns_vnet(struct ucred *);
+bool prison_owns_vnet(struct ucred *);
 int prison_canseemount(struct ucred *cred, struct mount *mp);
 void prison_enforce_statfs(struct ucred *cred, struct mount *mp,
     struct statfs *sp);
 struct prison *prison_find(int prid);
 struct prison *prison_find_child(struct prison *, int);
 struct prison *prison_find_name(struct prison *, const char *);
-int prison_flag(struct ucred *, unsigned);
+bool prison_flag(struct ucred *, unsigned);
 void prison_free(struct prison *pr);
 void prison_free_locked(struct prison *pr);
 void prison_hold(struct prison *pr);
@@ -441,7 +441,7 @@ void prison_proc_link(struct prison *, struct proc *);
 void prison_proc_unlink(struct prison *, struct proc *);
 void prison_proc_iterate(struct prison *, void (*)(struct proc *, void *), void *);
 void prison_set_allow(struct ucred *cred, unsigned flag, int enable);
-int prison_ischild(struct prison *, struct prison *);
+bool prison_ischild(struct prison *, struct prison *);
 bool prison_isalive(const struct prison *);
 bool prison_isvalid(struct prison *);
 #if defined(INET) || defined(INET6)
@@ -450,24 +450,24 @@ const void *prison_ip_get0(const struct prison *, const pr_family_t);
 u_int prison_ip_cnt(const struct prison *, const pr_family_t);
 #endif
 #ifdef INET
-int prison_equal_ip4(struct prison *, struct prison *);
+bool prison_equal_ip4(struct prison *, struct prison *);
 int prison_get_ip4(struct ucred *cred, struct in_addr *ia);
 int prison_local_ip4(struct ucred *cred, struct in_addr *ia);
 int prison_remote_ip4(struct ucred *cred, struct in_addr *ia);
 int prison_check_ip4(const struct ucred *, const struct in_addr *);
 int prison_check_ip4_locked(const struct prison *, const struct in_addr *);
-int prison_saddrsel_ip4(struct ucred *, struct in_addr *);
+bool prison_saddrsel_ip4(struct ucred *, struct in_addr *);
 int prison_qcmp_v4(const void *, const void *);
 bool prison_valid_v4(const void *);
 #endif
 #ifdef INET6
-int prison_equal_ip6(struct prison *, struct prison *);
+bool prison_equal_ip6(struct prison *, struct prison *);
 int prison_get_ip6(struct ucred *, struct in6_addr *);
 int prison_local_ip6(struct ucred *, struct in6_addr *, int);
 int prison_remote_ip6(struct ucred *, struct in6_addr *);
 int prison_check_ip6(const struct ucred *, const struct in6_addr *);
 int prison_check_ip6_locked(const struct prison *, const struct in6_addr *);
-int prison_saddrsel_ip6(struct ucred *, struct in6_addr *);
+bool prison_saddrsel_ip6(struct ucred *, struct in6_addr *);
 int prison_qcmp_v6(const void *, const void *);
 bool prison_valid_v6(const void *);
 #endif