From owner-freebsd-current@FreeBSD.ORG  Mon Jun 28 06:41:17 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id ECFF616A4CE; Mon, 28 Jun 2004 06:41:17 +0000 (GMT)
Received: from rwcrmhc11.comcast.net (rwcrmhc11.comcast.net [204.127.198.35])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 266FB43D3F; Mon, 28 Jun 2004 06:41:13 +0000 (GMT)
	(envelope-from julian@elischer.org)
Received: from interjet.elischer.org ([24.7.73.28])
          by comcast.net (rwcrmhc11) with ESMTP
          id <2004062806405101300evpsle>; Mon, 28 Jun 2004 06:41:01 +0000
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id XAA37208;
	Sun, 27 Jun 2004 23:40:49 -0700 (PDT)
Date: Sun, 27 Jun 2004 23:40:48 -0700 (PDT)
From: Julian Elischer <julian@elischer.org>
To: Pawel Jakub Dawidek <pjd@FreeBSD.org>
In-Reply-To: <20040627101951.GJ12007@darkness.comp.waw.pl>
Message-ID: <Pine.BSF.4.21.0406272339040.19712-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: rwatson@freebsd.org
cc: FreeBSD current users <current@freebsd.org>
cc: bzeeb+freebsd@zabbadoz.net
Subject: Re: jail getfsstat patches.
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Jun 2004 06:41:18 -0000



On Sun, 27 Jun 2004, Pawel Jakub Dawidek wrote:

> On Sun, Jun 27, 2004 at 08:59:32AM +0200, Pawel Jakub Dawidek wrote:
> +> If you give me a few days (maybe I'll be ready today) I'll try to prepare
> +> patch to commit so we can review it together.
> 
> Ok, here it goes:
> 
> 	http://people.freebsd.org/~pjd/patches/jail_enforce_statfs.patch
> 
> As you can see, all mac_check_mount_stat() calls are placed after a
> prison_canseemount() call, so we can considern moving mac_check_mount_stat()
> to prison_canseemount() function.
> 

 The patch looks good to me but I don't have a 5.x machine with jails at
the moment (I may try set up a small jail tomorrow to test it).

do you have a 4.x version?

I have been testing the kernel module version for 4.x
and it seems to work as advertised..