From 7b09b25ecb2d9e5be9c06e81ce89a7c5d347bb6f Mon Sep 17 00:00:00 2001
From: csjp
Date: Wed, 14 Jul 2004 19:04:31 +0000
Subject: [PATCH] In addition to the real user ID check, do an explicit jail check to ensure that the caller is not prison root. The intention is to fix file descriptor creation so that prison root can not use the last remaining file descriptors. This privilege should be reserved for non-jailed root users.
Approved by: bmilekic (mentor)
---
 sys/kern/kern_descrip.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index 7a15e79b0402..e8ba4fecf55c 100644
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -1303,8 +1304,8 @@ falloc(td, resultfp, resultfd)
 fp = uma_zalloc(file_zone, M_WAITOK | M_ZERO);
 sx_xlock(&filelist_lock);
- if ((nfiles >= maxuserfiles && td->td_ucred->cr_ruid != 0)
- || nfiles >= maxfiles) {
+ if ((nfiles >= maxuserfiles && (td->td_ucred->cr_ruid != 0 ||
+ jailed(td->td_ucred))) || nfiles >= maxfiles) {
 if (ppsratecheck(&lastfail, &curfail, 1)) {
 printf("kern.maxfiles limit exceeded by uid %i, please see tuning(7).\n", td->td_ucred->cr_ruid);
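Review bot: In the falloc hunk, the rate-limited `printf` after the new condition still reports only `cr_ruid`, so a prison root that is now refused at `maxuserfiles` is logged as uid 0 and cannot be told apart from host root reaching `maxfiles`. Marking the jailed case in the message would let an operator see that a jailed process is the one exhausting the table, for example `printf("kern.maxfiles limit exceeded by uid %i%s, please see tuning(7).\n", td->td_ucred->cr_ruid, jailed(td->td_ucred) ? " (jailed)" : "");`. The open-coded test would also benefit from a comment above it such as `/* Descriptors above maxuserfiles are reserved for non-jailed callers with real uid 0. */`, since the reason for checking the real uid and the jail state together is only in the commit message. falloc's body starts and ends outside the hunk, and the definition of `maxuserfiles` is not visible here.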