Diffusion FreeBSD src repository bd9e3fcaa064

MAC/do: Fix jail_get() (PR_METHOD_GET)
bd9e3fcaa064
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

MAC/do: Fix jail_get() (PR_METHOD_GET)

Properly fill 'jsys' before copying it out (we would leak bytes from the kernel stack). When the current jail has its own 'struct rules', set it to the special value JAIL_SYS_DISABLE if it in fact holds no rules.
Don't forget to unlock the jail holding rules on error.
Correctly return errors.

Reviewed by: bapt
Approved by: markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47609

(cherry picked from commit 2a20ce91dc29e5a80f4eeb9352cf3169cd1891b9)

Details

Provenance

olce	Authored on Jul 3 2024, 3:22 PM

Reviewer

Differential Revision

D47609: MAC/do: Fix jail_get() (PR_METHOD_GET)

Parents

rG3c77f39d2ae6: MAC/do: Sysctl knobs/jail parameters under MAC's common nodes

Branches

Unknown

Tags

Unknown

Event Timeline

olce committed rGbd9e3fcaa064: MAC/do: Fix jail_get() (PR_METHOD_GET) (authored by olce).Apr 3 2025, 7:31 PM

olce added an edge: D47609: MAC/do: Fix jail_get() (PR_METHOD_GET).Apr 3 2025, 7:35 PM

Changes (1)

Path

Size

sys/

security/

mac_do/

rGbd9e3fcaa064

sys/security/mac_do/mac_do.c

Loading...