https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200361
Bjoern A. Zeeb <b...@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Open |In Progress --- Comment #1 from Bjoern A. Zeeb <b...@freebsd.org> --- Not even compile tested but if someone could make sure it does the right thing, that would be great: (1) base system should always continue to work as-is. (2) a classic jail should get an "operation not permitted" back on attempting to read. (3) for VIMAGE kernels, base system see (1), classic jail see (2), and a vnet jail should not change either. Index: tcp_hostcache.c =================================================================== --- tcp_hostcache.c (revision 283272) +++ tcp_hostcache.c (working copy) @@ -69,6 +69,7 @@ __FBSDID("$FreeBSD$"); #include <sys/param.h> #include <sys/systm.h> +#include <sys/jail.h> #include <sys/kernel.h> #include <sys/lock.h> #include <sys/mutex.h> @@ -608,6 +609,9 @@ sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS) char ip6buf[INET6_ADDRSTRLEN]; #endif + if (jailed_without_vnet(curthread->td_cred) != 0) + return (EPERM); + sbuf_new(&sb, NULL, linesize * (V_tcp_hostcache.cache_count + 1), SBUF_INCLUDENUL); -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"