From nobody Sat Mar  7 06:23:03 2026
X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4fSY9g3kNDz6V9js
	for <dev-commits-doc-all@mlmmj.nyi.freebsd.org>; Sat, 07 Mar 2026 06:23:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4fSY9g2RKlz3TZx
	for <dev-commits-doc-all@FreeBSD.org>; Sat, 07 Mar 2026 06:23:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1772864583;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=G7xO2d8tQ6vbvq8EulwGEzLZ+8FToEjlqiuVOYdasdQ=;
	b=SA2JtSSRUwZbI3U1vGUqnrcSosH5bFZRRoko7W1DRMtWspfB5+UtoND2zNPXnQldVyg4wH
	RUWWvn6utaD4rixDJM96tVqFTC0QmxCcsA01PYpsuhSSBrbYRVC5vexBtP/1mBms3m+Nlk
	D/B3x0U4j6+SbACZcyM7IUZDKBEg0P9ELxQhdBWSNxo3JFIM5PHFQCFH/i8+IzOJ9JuKy4
	/8MbUHS1bFO3DEZtGqWUXqFD1HGyF3+owfQz1KDVrw7YIH8qrhS14P10+53p69INXBw4Bs
	kGTOjzEtzwFzaMHpkOcges+Pj7SjGFgHeZmG3s2NqBa4qn/FFknxLtW7z8JJyg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1772864583; a=rsa-sha256; cv=none;
	b=XRiOe8onG3EedmUQw1QIG1sjysO+Ykqbsb8VEH424GM/1czKURFaCohvI9V5KlZF1vRDPi
	zYJDdr9Ks0xxGgyJpxSr14diWEAZQwdmCF2ix4Z12Wa+sM3VQwLBTVy96ux9Tu54Vu9Ja5
	f3i8m35bAjT/cuMg50kDDEsyh+iRbK/8326sKGvsrEZS5dhu43oYchONcX3UfsVOD3Qr/z
	FAvaCEiyx9nyOR/6NuNrHYySggVyY8W6F/VOXlBg2GyVMMREdNyncGQ7qY1daPHkKe+z5F
	luovSAZklxvefUIU8JWkESXkNsDzAoYpzlm3dnTaS5p5ie/eJEqxbvPSU/vJJg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1772864583;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=G7xO2d8tQ6vbvq8EulwGEzLZ+8FToEjlqiuVOYdasdQ=;
	b=BHT/nV12o6uscIbKyRYICRp84YGARLi9+Ykm8MESNu9UufoZCtdZ75w053Ce+NCe1r9LwS
	n/PWI9UccWDUEh0uUWgZB0rBn/lN8ILRzSZ+BT13BEKgy+dY+usp5SvWI4rVxhYywtDRF4
	JBvLr0vPJHpNf2yPeunqHfXxVkY57rjzBiBzXvBHs4Wj0a4iVfqG+ao9e7EvEvbMBo3yY7
	cXjuRU9oHjc01NCH2gDXM0SUMUsukOazYIpS3lx7QAbmXVOQ+BG/6M1RP/UH6BnJ8p3Fcw
	TPXy1gM60BGm30CjJuCezS9mb7FeRSXgOg7VvEgzEYGJRc2xA3qXBmS+yZGwmA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4fSY9g1zdxzwqY
	for <dev-commits-doc-all@FreeBSD.org>; Sat, 07 Mar 2026 06:23:03 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from git (uid 1279)
	(envelope-from git@FreeBSD.org)
	id 19358
	by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org);
	Sat, 07 Mar 2026 06:23:03 +0000
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
Cc: Kyle Evans <kevans@FreeBSD.org>
From: Vladlen Popolitov <vladlen@FreeBSD.org>
Subject: git: da1b8e42cf - main - 14.4/relnotes: tweak the entry about child jail tampering
List-Id: Commit messages for all branches of the doc repository <dev-commits-doc-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all
List-Help: <mailto:dev-commits-doc-all+help@freebsd.org>
List-Post: <mailto:dev-commits-doc-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-doc-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-doc-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-doc-all@freebsd.org
Sender: owner-dev-commits-doc-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vladlen
X-Git-Repository: doc
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: da1b8e42cf4ab81c60dcb2e3394a1633ccc63bd8
Auto-Submitted: auto-generated
Date: Sat, 07 Mar 2026 06:23:03 +0000
Message-Id: <69abc447.19358.eebb710@gitrepo.freebsd.org>

The branch main has been updated by vladlen:

URL: https://cgit.FreeBSD.org/doc/commit/?id=da1b8e42cf4ab81c60dcb2e3394a1633ccc63bd8

commit da1b8e42cf4ab81c60dcb2e3394a1633ccc63bd8
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2026-03-07 06:21:24 +0000
Commit:     Vladlen Popolitov <vladlen@FreeBSD.org>
CommitDate: 2026-03-07 06:21:24 +0000

    14.4/relnotes: tweak the entry about child jail tampering
    
    Reviewed by: ziaee, vladlen
    Approved by: ziaee, re (implicit)
    Differential Revision: https://reviews.freebsd.org/D55675
---
 website/content/en/releases/14.4R/relnotes.adoc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/website/content/en/releases/14.4R/relnotes.adoc b/website/content/en/releases/14.4R/relnotes.adoc
index d5fe6721c1..2a6158633b 100644
--- a/website/content/en/releases/14.4R/relnotes.adoc
+++ b/website/content/en/releases/14.4R/relnotes.adoc
@@ -372,7 +372,9 @@ This section covers changes to kernel configurations, system tuning, and system
 [[kernel-general]]
 === General Kernel Changes
 
-The man:jail[8] system now restricts unprivileged users in a parent jail from scheduling, debugging, or signaling processes in subordinate jails by default. New privileges PRIV_SCHED_DIFFJAIL, PRIV_DEBUG_DIFFJAIL, and PRIV_SIGNAL_DIFFJAIL are required for such cross-jail operations. A new jail parameter allow.unprivileged_parent_tampering is introduced for backward compatibility in FreeBSD 14.x, but will be disabled by default in FreeBSD 15.x, affecting development setups that rely on cross-jail process management.
+The man:jail[8] system will restrict unprivileged users in a parent jail from scheduling, debugging, or signaling processes in subordinate jails by default in FreeBSD 15.0 and later.
+New privileges PRIV_SCHED_DIFFJAIL, PRIV_DEBUG_DIFFJAIL, and PRIV_SIGNAL_DIFFJAIL are required for such cross-jail operations.
+A new jail parameter allow.nounprivileged_parent_tampering is introduced in FreeBSD 14.x to enable early adoption of the new behavior, but this will become enabled by default in FreeBSD 15.x, affecting development setups that rely on cross-jail process management.
 gitref:5c6949e12ee6[repository=src].
 
 The change fixes a race condition in the powerpc context switch code that could cause the system to hang after starting all APs, particularly in qemu-system-ppc64 power9 pseries guests.