From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 01:15:20 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 25300DF8; Thu, 22 Aug 2013 01:15:20 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 11B2E2BB5; Thu, 22 Aug 2013 01:15:20 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r7M1FJe3001257; Thu, 22 Aug 2013 01:15:19 GMT (envelope-from security-advisories@freebsd.org) Received: (from delphij@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r7M1FJfY001255; Thu, 22 Aug 2013 01:15:19 GMT (envelope-from security-advisories@freebsd.org) Date: Thu, 22 Aug 2013 01:15:19 GMT Message-Id: <201308220115.r7M1FJfY001255@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: delphij set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast Precedence: bulk X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Reply-To: freebsd-security@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 01:15:20 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FreeBSD-SA-13:09.ip_multicast Security Advisory The FreeBSD Project Topic: integer overflow in IP_MSFILTER Category: core Module: kernel Announced: 2013-08-22 Credits: Clement Lecigne (Google Security Team) Affects: All supported versions of FreeBSD. Corrected: 2013-08-22 00:51:37 UTC (stable/9, 9.2-PRERELEASE) 2013-08-22 00:51:43 UTC (releng/9.2, 9.2-RC2-p1) 2013-08-22 00:51:48 UTC (releng/9.1, 9.1-RELEASE-p6) 2013-08-22 00:51:37 UTC (stable/8, 8.4-STABLE) 2013-08-22 00:51:56 UTC (releng/8.4, 8.4-RELEASE-p3) 2013-08-22 00:51:56 UTC (releng/8.3, 8.3-RELEASE-p10) CVE Name: CVE-2013-3077 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background IP multicast is a method of sending Internet Protocol (IP) datagrams to a group of interested receivers in a single transmission. II. Problem Description An integer overflow in computing the size of a temporary buffer can result in a buffer which is too small for the requested operation. III. Impact An unprivileged process can read or write pages of memory which belong to the kernel. These may lead to exposure of sensitive information or allow privilege escalation. IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-13:09/ip_multicast.patch # fetch http://security.FreeBSD.org/patches/SA-13:09/ip_multicast.patch.asc # gpg --verify ip_multicast.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. 3) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r254629 releng/8.3/ r254632 releng/8.4/ r254632 stable/9/ r254629 releng/9.1/ r254631 releng/9.2/ r254630 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing XXXXXX with the revision number, on a machine with Subversion installed: # svn diff -cXXXXXX --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing XXXXXX with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (FreeBSD) iEYEARECAAYFAlIVY1YACgkQFdaIBMps37K1cwCeOwXryun/C0EceD7v1se+z8w1 EUYAoJ7Hh/bOjyuD6oR6ZOEqtDVIL5LP =6Ehk -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 01:15:40 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 0842522F; Thu, 22 Aug 2013 01:15:40 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DDB352BDD; Thu, 22 Aug 2013 01:15:39 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r7M1FdAD001305; Thu, 22 Aug 2013 01:15:39 GMT (envelope-from security-advisories@freebsd.org) Received: (from delphij@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r7M1FdcU001303; Thu, 22 Aug 2013 01:15:39 GMT (envelope-from security-advisories@freebsd.org) Date: Thu, 22 Aug 2013 01:15:39 GMT Message-Id: <201308220115.r7M1FdcU001303@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: delphij set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-13:10.sctp Precedence: bulk X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Reply-To: freebsd-security@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 01:15:40 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:10.sctp Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sctp(4) Category: core Module: sctp Announced: 2013-08-22 Credits: Julian Seward, Michael Tuexen Affects: All supported versions of FreeBSD. Corrected: 2013-08-15 04:25:16 UTC (stable/9, 9.2-PRERELEASE) 2013-08-15 05:14:20 UTC (releng/9.2, 9.2-RC2) 2013-08-22 00:51:48 UTC (releng/9.1, 9.1-RELEASE-p6) 2013-08-15 04:35:25 UTC (stable/8, 8.4-STABLE) 2013-08-22 00:51:56 UTC (releng/8.4, 8.4-RELEASE-p3) 2013-08-22 00:51:56 UTC (releng/8.3, 8.3-RELEASE-p10) CVE Name: CVE-2013-5209 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The SCTP protocol provides reliable, flow-controlled, two-way transmission of data. It is a message oriented protocol and can support the SOCK_STREAM and SOCK_SEQPACKET abstractions. The SCTP protocol checks the integrity of messages by validating the state cookie information that is returned from the peer. II. Problem Description When initializing the SCTP state cookie being sent in INIT-ACK chunks, a buffer allocated from the kernel stack is not completely initialized. III. Impact Fragments of kernel memory may be included in SCTP packets and transmitted over the network. For each SCTP session, there are two separate instances in which a 4-byte fragment may be transmitted. This memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way. For example, a terminal buffer might include an user-entered password. IV. Workaround No workaround is available, but systems not using the SCTP protocol are not vulnerable. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-13:10/sctp.patch # fetch http://security.FreeBSD.org/patches/SA-13:10/sctp.patch.asc # gpg --verify sctp.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. 3) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r254354 releng/8.3/ r254632 releng/8.4/ r254632 stable/9/ r254352 releng/9.1/ r254631 releng/9.2/ r254355 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing XXXXXX with the revision number, on a machine with Subversion installed: # svn diff -cXXXXXX --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing XXXXXX with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (FreeBSD) iEYEARECAAYFAlIVY1YACgkQFdaIBMps37L0AQCgh30FZd+f+rmzMabRFkTPVEmX tZgAnRuZptKgvlHkqnEhUj30tH6xLDCO =KJ8k -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 10:08:52 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id DB3A1F7A for ; Thu, 22 Aug 2013 10:08:52 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 9E1922EF7 for ; Thu, 22 Aug 2013 10:08:52 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id 7E6CA4E0E; Thu, 22 Aug 2013 10:08:46 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id C60B62FB9E; Thu, 22 Aug 2013 12:08:08 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: oss-security@lists.openwall.com Subject: Re: [oss-security] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp References: <201308220115.r7M1Fea3001317@freefall.freebsd.org> Date: Thu, 22 Aug 2013 12:08:08 +0200 In-Reply-To: <201308220115.r7M1Fea3001317@freefall.freebsd.org> (FreeBSD Security Advisories's message of "Thu, 22 Aug 2013 01:15:40 GMT") Message-ID: <86txiighrr.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 10:08:52 -0000 This also affects third-party software (Firefox, at the very least) that incorporates FreeBSD's SCTP implementation. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 10:53:22 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 8F9D7B43 for ; Thu, 22 Aug 2013 10:53:22 +0000 (UTC) (envelope-from huzaifas@redhat.com) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx1.freebsd.org (Postfix) with ESMTP id 6F06E21DC for ; Thu, 22 Aug 2013 10:53:22 +0000 (UTC) Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r7MAjcIb003327 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 22 Aug 2013 06:45:38 -0400 Received: from babylon.pnq.redhat.com (dhcp193-192.pnq.redhat.com [10.65.193.192]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r7MAjZ3m028506; Thu, 22 Aug 2013 06:45:36 -0400 Message-ID: <5215EC4F.1090405@redhat.com> Date: Thu, 22 Aug 2013 16:17:43 +0530 From: Huzaifa Sidhpurwala User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130805 Thunderbird/17.0.8 MIME-Version: 1.0 To: oss-security@lists.openwall.com Subject: Re: [oss-security] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp References: <201308220115.r7M1Fea3001317@freefall.freebsd.org> <86txiighrr.fsf@nine.des.no> In-Reply-To: <86txiighrr.fsf@nine.des.no> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Mailman-Approved-At: Thu, 22 Aug 2013 11:42:00 +0000 Cc: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= , freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 10:53:22 -0000 On 08/22/2013 03:38 PM, Dag-Erling Smørgrav wrote: > This also affects third-party software (Firefox, at the very least) that > incorporates FreeBSD's SCTP implementation. > Are you sure about this? i did not find anything in the Mozilla code! -- Huzaifa Sidhpurwala / Red Hat Security Response Team From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 11:43:28 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 17924EF2 for ; Thu, 22 Aug 2013 11:43:28 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id CE4AE2589 for ; Thu, 22 Aug 2013 11:43:27 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id AC93B40D2; Thu, 22 Aug 2013 11:43:26 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 3CEC52FBBC; Thu, 22 Aug 2013 13:42:49 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Huzaifa Sidhpurwala Subject: Re: [oss-security] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp References: <201308220115.r7M1Fea3001317@freefall.freebsd.org> <86txiighrr.fsf@nine.des.no> <5215EC4F.1090405@redhat.com> Date: Thu, 22 Aug 2013 13:42:48 +0200 In-Reply-To: <5215EC4F.1090405@redhat.com> (Huzaifa Sidhpurwala's message of "Thu, 22 Aug 2013 16:17:43 +0530") Message-ID: <86ppt6gddz.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: oss-security@lists.openwall.com, freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 11:43:28 -0000 Huzaifa Sidhpurwala writes: > Dag-Erling Sm=C3=B8rgrav writes: > > This also affects third-party software (Firefox, at the very least) > > that incorporates FreeBSD's SCTP implementation. > Are you sure about this? Allow me to amend my statement: this *may* also affect third-party software that incorporates our SCTP implementation, including Mozilla Firefox and Google Chrome. I can neither confirm nor deny that they are actually vulnerable; all I can say is that a) I have it on good authority that they use the same code (JFGI!) and b) they were notified in advance. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 19:15:30 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B4D2DDA7; Thu, 22 Aug 2013 19:15:30 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8D528273F; Thu, 22 Aug 2013 19:15:30 +0000 (UTC) Received: from zeta.ixsystems.com (unknown [69.198.165.132]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by anubis.delphij.net (Postfix) with ESMTPSA id 99B29547E; Thu, 22 Aug 2013 12:15:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis; t=1377198929; bh=OajHApMX4BVAhfA4OimECffsW8TwD9BS3/oohMwCpeA=; h=Date:From:Reply-To:To:CC:Subject; b=zdRmml/c+2gSp2XwYs3lfSzCJED+r9WelwYbBaX58F1/5WrfXW2ygH1QZh79c2ncT rpRaaqmE02MFkw6I/peKd7sJZYbIOVSrqcfH4Z4V4bdmufuDOqYEF8jFjtnclQNaCI 4hoNW9W6iowOY+WC+LNr2WY6qlivvMBDHJBNThno= Message-ID: <52166351.4030106@delphij.net> Date: Thu, 22 Aug 2013 12:15:29 -0700 From: Xin Li Organization: The FreeBSD Project MIME-Version: 1.0 To: "freebsd-security@freebsd.org" Subject: Allowing tmpfs to be mounted in jail? X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-fs@FreeBSD.ORG, kib@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: d@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 19:15:30 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, Do anybody have concerns if I would commit this? Index: sys/fs/tmpfs/tmpfs_vfsops.c =================================================================== - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663) +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy) @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops = { .vfs_statfs = tmpfs_statfs, .vfs_fhtovp = tmpfs_fhtovp, }; - -VFS_SET(tmpfs_vfsops, tmpfs, 0); +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (FreeBSD) iQEcBAEBCgAGBQJSFmNRAAoJEG80Jeu8UPuzhFMH/2jligxAHwhYCbaYe43d8XXd 8ljxmusiVWLTwsjhcZRs0Pg56BSPFR2yMbf1rLgQQCc1HpIK82N9zd3hfDoSZTM3 fhY+gB+M3aMfQ3A0lGzpCckFdj7Dlyr+drXuVeKsTCEdM7U82/GRBq/wkI8OGft4 kCd9kmpiupFL5WmboBJNjC1wSgn0TYeGXazkTY9K4n0HmZP+306xf6ABHEkPO5XI nJuGsq8u2MhBmet4Cm38dGJGXym5mWRkU/i+YmgDTCVWbdKwILtEHQyq55krSPkP p85ntduffcAwcy8Yl8facveYq+pybQKO9pEP8hUMZIN0bLPCM01FQl5x4vbyFzc= =w8tX -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 21:37:47 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 521BBED6; Thu, 22 Aug 2013 21:37:47 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A5175252F; Thu, 22 Aug 2013 21:37:46 +0000 (UTC) Received: from tom.home (kostik@localhost [127.0.0.1]) by kib.kiev.ua (8.14.7/8.14.7) with ESMTP id r7MLbWsE007931; Fri, 23 Aug 2013 00:37:32 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.8.3 kib.kiev.ua r7MLbWsE007931 Received: (from kostik@localhost) by tom.home (8.14.7/8.14.7/Submit) id r7MLbWHX007930; Fri, 23 Aug 2013 00:37:32 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Fri, 23 Aug 2013 00:37:32 +0300 From: Konstantin Belousov To: d@delphij.net Subject: Re: Allowing tmpfs to be mounted in jail? Message-ID: <20130822213732.GA4972@kib.kiev.ua> References: <52166351.4030106@delphij.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="bichG//H2mG70Fl1" Content-Disposition: inline In-Reply-To: <52166351.4030106@delphij.net> User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on tom.home Cc: freebsd-fs@FreeBSD.ORG, "freebsd-security@freebsd.org" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 21:37:47 -0000 --bichG//H2mG70Fl1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 22, 2013 at 12:15:29PM -0700, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 >=20 > Hi, >=20 > Do anybody have concerns if I would commit this? >=20 > Index: sys/fs/tmpfs/tmpfs_vfsops.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663) > +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy) > @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops =3D { > .vfs_statfs =3D tmpfs_statfs, > .vfs_fhtovp =3D tmpfs_fhtovp, > }; > - -VFS_SET(tmpfs_vfsops, tmpfs, 0); > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); >=20 Unrestricted tmpfs mounts can easily consume all available memory, making the host unusable. But the change is probably fine, since we have global 'disable mount from the jail' flag. --bichG//H2mG70Fl1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (FreeBSD) iQIcBAEBAgAGBQJSFoSbAAoJEJDCuSvBvK1B7dYP/iYajaL4lhFs0d7tm8dDMBB6 n4CgaoDAtTzj8UqcBFleeeDKqnvj+PnymR5v/PQwuwLxjkTj6sbOZ+fOGQT/kiy+ Zp0NzuqX6H7Ur45Nwt66wqA7PxOxUuLugpt1/lBreDZiPme8+xwIj9CRK/9Nt+4a ODeX7ob0B0lqDCBzj8h3xRXWjgCV05Yq2GtVkqbVGptIMgYOWhCgqBXTyoDb36qQ av4g/yMq1DzHsaq8nRLfF/GyF1BtUSk+nf1t0Dh5UaSFSLPKncl5CV5vU9yEMtWm d5KCrWzZqUuG863znfpxVRz2ya2Bl8K/5d93pOt/yl/De8pVy44lCmn7N8HA3HB9 OL7+C+vTA4L8rWsNw1K1v727+i+2YSEvOgrSKhUYAuQT35E0FT0QC1WJesyYZaIJ 9zxrsJeJ7fiEoKxk+k1rh7mr39f4CiS8DjlM7pWG0xAR8GU5lhe1NsXnAk2X1lH6 TxIA7wBvEPOGRG28cqQlC3um+iNourgFalPEBML2f61ZVs7MZ06bDZsCvioIB2fi Ns4Y96L2Npu5/zEON93iYf/a5J3yD2G3iDhiMtyeatg2qiwx69j5uIUoiPtzen8E 5p14MI9jWVk7Q0Effij1R6VK1YWX7j+gslg6ktfVBTw9jxYPM0VH4m0p5TWbSMJI rwbai0r9zOakzPw/TCFV =AOCT -----END PGP SIGNATURE----- --bichG//H2mG70Fl1-- From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 23:13:05 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3297150B; Thu, 22 Aug 2013 23:13:05 +0000 (UTC) (envelope-from dewayne.geraghty@heuristicsystems.com.au) Received: from nschwmtas03p.mx.bigpond.com (nschwmtas03p.mx.bigpond.com [61.9.189.143]) by mx1.freebsd.org (Postfix) with ESMTP id 986A42D4F; Thu, 22 Aug 2013 23:13:04 +0000 (UTC) Received: from nschwcmgw07p ([61.9.190.167]) by nschwmtas03p.mx.bigpond.com with ESMTP id <20130822231257.LLHT2008.nschwmtas03p.mx.bigpond.com@nschwcmgw07p>; Thu, 22 Aug 2013 23:12:57 +0000 Received: from hermes.heuristicsystems.com.au ([58.172.113.247]) by nschwcmgw07p with BigPond Outbound id FzCw1m0095LKYmq01zCwwB; Thu, 22 Aug 2013 23:12:57 +0000 X-Authority-Analysis: v=2.0 cv=BKIxXSsG c=1 sm=1 a=YibVxx38Z+cwdCKSMcELyg==:17 a=wLMJVk681PMA:10 a=twTT4oUKOlYA:10 a=kj9zAlcOel0A:10 a=GHIR_BbyAAAA:8 a=f-zmaRjzSWEA:10 a=6I5d2MoRAAAA:8 a=SWg00rOMAAAA:8 a=v_pWlI0P17lZLm5KGXEA:9 a=CjuIK1q_8ugA:10 a=SV7veod9ZcQA:10 a=3_5TX_vZOqAA:10 a=YibVxx38Z+cwdCKSMcELyg==:117 Received: from white (white.hs [10.0.5.2]) (authenticated bits=0) by hermes.heuristicsystems.com.au (8.14.5/8.13.6) with ESMTP id r7MNB2oR077761; Fri, 23 Aug 2013 09:11:02 +1000 (EST) (envelope-from dewayne.geraghty@heuristicsystems.com.au) From: "Dewayne Geraghty" To: , References: <52166351.4030106@delphij.net> Subject: RE: Allowing tmpfs to be mounted in jail? Date: Fri, 23 Aug 2013 09:11:02 +1000 Message-ID: <641D3DB0C34A482EA7F5902243F3F6D0@white> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 In-Reply-To: <52166351.4030106@delphij.net> Thread-Index: Ac6fgOskX7VKuwASRCC5TtqA+PL7vgACanrA X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157 X-Mailman-Approved-At: Thu, 22 Aug 2013 23:20:14 +0000 Cc: freebsd-fs@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 23:13:05 -0000 > -----Original Message----- > From: owner-freebsd-security@freebsd.org > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Xin Li > Sent: Friday, 23 August 2013 5:15 AM > To: freebsd-security@freebsd.org > Cc: freebsd-fs@freebsd.org; kib@freebsd.org > Subject: Allowing tmpfs to be mounted in jail? > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > Do anybody have concerns if I would commit this? > > Index: sys/fs/tmpfs/tmpfs_vfsops.c > =================================================================== > - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663) > +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy) > @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops = { > .vfs_statfs = tmpfs_statfs, > .vfs_fhtovp = tmpfs_fhtovp, > }; > - -VFS_SET(tmpfs_vfsops, tmpfs, 0); > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); > > Cheers, > - -- > Xin LI https://www.delphij.net/ > FreeBSD - The Power to Serve! Live free or die > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.21 (FreeBSD) > > iQEcBAEBCgAGBQJSFmNRAAoJEG80Jeu8UPuzhFMH/2jligxAHwhYCbaYe43d8XXd > 8ljxmusiVWLTwsjhcZRs0Pg56BSPFR2yMbf1rLgQQCc1HpIK82N9zd3hfDoSZTM3 > fhY+gB+M3aMfQ3A0lGzpCckFdj7Dlyr+drXuVeKsTCEdM7U82/GRBq/wkI8OGft4 > kCd9kmpiupFL5WmboBJNjC1wSgn0TYeGXazkTY9K4n0HmZP+306xf6ABHEkPO5XI > nJuGsq8u2MhBmet4Cm38dGJGXym5mWRkU/i+YmgDTCVWbdKwILtEHQyq55krSPkP > p85ntduffcAwcy8Yl8facveYq+pybQKO9pEP8hUMZIN0bLPCM01FQl5x4vbyFzc= > =w8tX > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" Xin Li, I can envision the use of tmpfs without providing access to mounting other devices within a jail context. It would be better if this feature had its own sysctl to control the jail's state, particularly as a DOS could "inadvertently" be introduced, per Kib's earlier point. Other devices-types have additional mitigation strategies, such as exclusion via dev.rules which tmpfs doesn't have. Regards, Dewayne. From owner-freebsd-security@FreeBSD.ORG Thu Aug 22 23:20:23 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 456927A5; Thu, 22 Aug 2013 23:20:23 +0000 (UTC) (envelope-from sfourman@gmail.com) Received: from mail-vb0-x22c.google.com (mail-vb0-x22c.google.com [IPv6:2607:f8b0:400c:c02::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E788D2D9A; Thu, 22 Aug 2013 23:20:22 +0000 (UTC) Received: by mail-vb0-f44.google.com with SMTP id e13so1805224vbg.31 for ; Thu, 22 Aug 2013 16:20:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=wpE/uUL+T5tx5ffDleP0sk6Om9rTwjycVh4haGj3w2s=; b=1ANaz4VKELe9lxplK+q4Is6SOA7+6Kpf8hyvz3fieJqKU5uFUs+Lv2jiOvyJHsiF1c 3pjTSKe2ENOVwYIzby19wkwimnqa1o6sTiChQvT8lgvj3xwbXJ2M0plJ7i6AsTFWX1MJ fK4LaQ4h/dssHMtraWBSmh1zNeVwhZupWQP3fd62HdY0/LVm0WjRnoBB9BucR6M1YoG0 psF/thEPKNhUQLcyGyCWOpziBZPAtvC5c8erTwjVvcQu4zZVgS01OMsIAStAfIvZ9cOG hn4mi4O0nYYfQ9esxknDRtCecAnaC6WuZoThsvgCuHgsBQrqfRsiJlCLS1oifAJIpkwA bW2Q== MIME-Version: 1.0 X-Received: by 10.58.201.227 with SMTP id kd3mr13741179vec.14.1377213622022; Thu, 22 Aug 2013 16:20:22 -0700 (PDT) Received: by 10.220.96.78 with HTTP; Thu, 22 Aug 2013 16:20:21 -0700 (PDT) In-Reply-To: <641D3DB0C34A482EA7F5902243F3F6D0@white> References: <52166351.4030106@delphij.net> <641D3DB0C34A482EA7F5902243F3F6D0@white> Date: Thu, 22 Aug 2013 19:20:21 -0400 Message-ID: Subject: Re: Allowing tmpfs to be mounted in jail? From: "Sam Fourman Jr." To: Dewayne Geraghty X-Mailman-Approved-At: Fri, 23 Aug 2013 01:04:17 +0000 Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: FreeBSD FS , freebsd-security@freebsd.org, Xin LI X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2013 23:20:23 -0000 Xin Li, > > I can envision the use of tmpfs without providing access to mounting other > devices within a jail context. > > It would be better if this feature had its own sysctl to control the > jail's state, particularly as a DOS could "inadvertently" be > introduced, per Kib's earlier point. Other devices-types have additional > mitigation strategies, such as exclusion via dev.rules > which tmpfs doesn't have. > > Regards, Dewayne. > > Xin, This is a Great feature and it has several use cases, what about the possibility of a sysctl that adds a max amount that a jail could set a tmpfs... this would be per jail, now in theory you could over commit resources, but that would be a administrators decision, and not one jail could consume all resources. -- Sam Fourman Jr. From owner-freebsd-security@FreeBSD.ORG Fri Aug 23 07:51:24 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 994D1EA2; Fri, 23 Aug 2013 07:51:24 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6ABA223BC; Fri, 23 Aug 2013 07:51:24 +0000 (UTC) Received: from Julian-MBP3.local (etroy.elischer.org [121.45.226.51]) (authenticated bits=0) by vps1.elischer.org (8.14.7/8.14.6) with ESMTP id r7N7pCXs091325 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Fri, 23 Aug 2013 00:51:14 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <5217146A.5070308@freebsd.org> Date: Fri, 23 Aug 2013 15:51:06 +0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 MIME-Version: 1.0 To: d@delphij.net Subject: Re: Allowing tmpfs to be mounted in jail? References: <52166351.4030106@delphij.net> In-Reply-To: <52166351.4030106@delphij.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-fs@FreeBSD.ORG, "freebsd-security@freebsd.org" , Xin Li , kib@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2013 07:51:24 -0000 On 8/23/13 3:15 AM, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > Do anybody have concerns if I would commit this? I agree to its usefulness even if I haven't looked at the details > > Index: sys/fs/tmpfs/tmpfs_vfsops.c > =================================================================== > - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663) > +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy) > @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops = { > .vfs_statfs = tmpfs_statfs, > .vfs_fhtovp = tmpfs_fhtovp, > }; > - -VFS_SET(tmpfs_vfsops, tmpfs, 0); > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); > > Cheers, > - -- > Xin LI https://www.delphij.net/ > FreeBSD - The Power to Serve! Live free or die > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.21 (FreeBSD) > > iQEcBAEBCgAGBQJSFmNRAAoJEG80Jeu8UPuzhFMH/2jligxAHwhYCbaYe43d8XXd > 8ljxmusiVWLTwsjhcZRs0Pg56BSPFR2yMbf1rLgQQCc1HpIK82N9zd3hfDoSZTM3 > fhY+gB+M3aMfQ3A0lGzpCckFdj7Dlyr+drXuVeKsTCEdM7U82/GRBq/wkI8OGft4 > kCd9kmpiupFL5WmboBJNjC1wSgn0TYeGXazkTY9K4n0HmZP+306xf6ABHEkPO5XI > nJuGsq8u2MhBmet4Cm38dGJGXym5mWRkU/i+YmgDTCVWbdKwILtEHQyq55krSPkP > p85ntduffcAwcy8Yl8facveYq+pybQKO9pEP8hUMZIN0bLPCM01FQl5x4vbyFzc= > =w8tX > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-fs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Fri Aug 23 11:41:47 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 334491C4; Fri, 23 Aug 2013 11:41:47 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) by mx1.freebsd.org (Postfix) with ESMTP id E8B22208F; Fri, 23 Aug 2013 11:41:46 +0000 (UTC) Received: from slw by zxy.spb.ru with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1VCpmQ-000H2x-76; Fri, 23 Aug 2013 15:43:50 +0400 Date: Fri, 23 Aug 2013 15:43:50 +0400 From: Slawa Olhovchenkov To: Konstantin Belousov Subject: Re: Allowing tmpfs to be mounted in jail? Message-ID: <20130823114350.GA64913@zxy.spb.ru> References: <52166351.4030106@delphij.net> <20130822213732.GA4972@kib.kiev.ua> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20130822213732.GA4972@kib.kiev.ua> User-Agent: Mutt/1.5.21 (2010-09-15) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false Cc: freebsd-fs@FreeBSD.ORG, "freebsd-security@freebsd.org" , d@delphij.net X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2013 11:41:47 -0000 On Fri, Aug 23, 2013 at 12:37:32AM +0300, Konstantin Belousov wrote: > On Thu, Aug 22, 2013 at 12:15:29PM -0700, Xin Li wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA512 > > > > Hi, > > > > Do anybody have concerns if I would commit this? > > > > Index: sys/fs/tmpfs/tmpfs_vfsops.c > > =================================================================== > > - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663) > > +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy) > > @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops = { > > .vfs_statfs = tmpfs_statfs, > > .vfs_fhtovp = tmpfs_fhtovp, > > }; > > - -VFS_SET(tmpfs_vfsops, tmpfs, 0); > > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); > > > > Unrestricted tmpfs mounts can easily consume all available memory, > making the host unusable. But the change is probably fine, since > we have global 'disable mount from the jail' flag. tmpfs in jail must use memory limit from rctl memoryuse, I think.