jail: Fix information leak.
There is a lack of proper visibility checking in kern.ttys sysctl handler
which leads to information leak about processes outside the current jail.
This can be demonstrated with pstat -t: when called from within a jail,
it will output all terminal devices including process groups and
session leader process IDs:
jail# pstat -t | grep pts/ | head
LINE INQ CAN LIN LOW OUTQ USE LOW COL SESS PGID STATE pts/2 1920 0 0 192 1984 0 199 0 4132 27245 Oi pts/3 1920 0 0 192 1984 0 199 16 24890 33627 Oi pts/5 0 0 0 0 0 0 0 25 17758 0 G pts/16 0 0 0 0 0 0 0 0 52495 0 G pts/15 0 0 0 0 0 0 0 25 53446 0 G pts/17 0 0 0 0 0 0 0 6702 33230 0 G pts/19 0 0 0 0 0 0 0 14 1116 0 G pts/0 0 0 0 0 0 0 0 0 2241 0 G pts/23 0 0 0 0 0 0 0 20 15639 0 G pts/6 0 0 0 0 0 0 0 0 44062 93792 G
jail# pstat -t | grep pts/ | wc -l
85
Devfs does the filtering correctly and we get only one entry:
jail# ls /dev/pts/
2
Approved by: mzaborski, secteam
MFC after: 1 week
Sponsored by: Fudo Security
Approved by: so
Security: FreeBSD-SA-24:02.tty
Security: CVE-2024-25941
(cherry picked from commit f1d0a0cbecf2c688061f35adea85bfb29c9ec893)
(cherry picked from commit a376108029a20f4ce51476d98f2483a7008ce7b5)
(cherry picked from commit 41ac0b4ce00bae061164384f23356a4df6e0e695)
(cherry picked from commit 9bff7ec98354a76c171905ce9530f85685725ee7)