Date: Mon, 22 Jan 2024 09:39:29 GMT From: Baptiste Daroussin <bapt@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: d1fdafc789df - stable/14 - jail: add security.jail.mlock_allowed Message-ID: <202401220939.40M9dTxi010649@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=d1fdafc789dfd6c9ad4145ca0bcfde87b1ca818e commit d1fdafc789dfd6c9ad4145ca0bcfde87b1ca818e Author: Baptiste Daroussin <bapt@FreeBSD.org> AuthorDate: 2024-01-04 14:09:44 +0000 Commit: Baptiste Daroussin <bapt@FreeBSD.org> CommitDate: 2024-01-22 09:39:16 +0000 jail: add security.jail.mlock_allowed when the parameter allow.mlock was added a way for jails to check if the parameter was set or now has not been added, this change covers it. MFC After: 3 days Reviewed by: jamie@ Differential Revision: https://reviews.freebsd.org/D43314 (cherry picked from commit 9fd978680db6495180a4d46f76529d344b003c80) --- sys/kern/kern_jail.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index e95008be42e8..91466c46bc62 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -4393,6 +4393,10 @@ SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I", "Processes in jail can mount/unmount jail-friendly file systems (deprecated)"); +SYSCTL_PROC(_security_jail, OID_AUTO, mlock_allowed, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + NULL, PR_ALLOW_MLOCK, sysctl_jail_default_allow, "I", + "Processes in jail can lock/unlock physical pages in memory"); static int sysctl_jail_default_level(SYSCTL_HANDLER_ARGS)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202401220939.40M9dTxi010649>