git: 9fd978680db6 - main - jail: add security.jail.mlock_allowed

From: Baptiste Daroussin <bapt_at_FreeBSD.org>
Date: Fri, 05 Jan 2024 12:55:21 UTC
The branch main has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=9fd978680db6495180a4d46f76529d344b003c80

commit 9fd978680db6495180a4d46f76529d344b003c80
Author:     Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2024-01-04 14:09:44 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2024-01-05 12:53:57 +0000

    jail: add security.jail.mlock_allowed
    
    When the parameter allow.mlock was added, a way for jails to check
    whether the parameter was set or not was not added; this change
    covers it.
    
    MFC After:      3 days
    Reviewed by:    jamie@
    Differential Revision:  https://reviews.freebsd.org/D43314
---
 sys/kern/kern_jail.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index abecc9ac8072..0ae1d9a02f60 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -4436,6 +4436,10 @@ SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed,
     CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
     NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I",
     "Processes in jail can mount/unmount jail-friendly file systems (deprecated)");
+SYSCTL_PROC(_security_jail, OID_AUTO, mlock_allowed,
+    CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+    NULL, PR_ALLOW_MLOCK, sysctl_jail_default_allow, "I",
+    "Processes in jail can lock/unlock physical pages in memory");
 
 static int
 sysctl_jail_default_level(SYSCTL_HANDLER_ARGS)
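Review bot: The new `mlock_allowed` node is declared `CTLFLAG_RW`, although the commit message describes its purpose as letting a jail check whether allow.mlock is set. The write path goes through `sysctl_jail_default_allow`, which is defined outside this hunk, so what a write changes cannot be confirmed here; if it updates a host-wide default, as the handler name suggests, this adds a new writable knob for a permission that governs locking physical pages. If only the read is needed, `CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE,` would keep the node to least privilege; otherwise the description string should state what a write changes, and whether the node is meant to carry the same `(deprecated)` marking as `mount_allowed` just above it.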