sysctl net.inet.tcp.hostcache.list in a jail can see connections from other
jails and the host. This commit fixes it. PR: 200361 Submitted by: bz (original version), hiren (minor corrections) Reported by: Marcus Reid <marcus at blazingdot dot com> Reviewed by: bz, gnn Tested by: Lohith Bellad <lohithbsd at gmail dot com> MFC after: 1 week Sponsored by: Limelight Networks (minor corrections)
parent
5def9fa2c2
commit
9a5ee970a5
@ -69,10 +69,12 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/systm.h>
|
||||
#include <sys/jail.h>
|
||||
#include <sys/kernel.h>
|
||||
#include <sys/lock.h>
|
||||
#include <sys/mutex.h>
|
||||
#include <sys/malloc.h>
|
||||
#include <sys/proc.h>
|
||||
#include <sys/sbuf.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/socketvar.h>
|
||||
@ -625,6 +627,9 @@ sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS)
|
||||
char ip6buf[INET6_ADDRSTRLEN];
|
||||
#endif
|
||||
|
||||
if (jailed_without_vnet(curthread->td_ucred) != 0)
|
||||
return (EPERM);
|
||||
|
||||
sbuf_new(&sb, NULL, linesize * (V_tcp_hostcache.cache_count + 1),
|
||||
SBUF_INCLUDENUL);
|
||||
|
||||
|
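Review bot: The new `jailed_without_vnet()` check in sysctl_tcp_hc_list() carries no comment saying why a jailed caller is refused, and the reason (the cross-jail disclosure described in the commit message) is not evident from the call alone. I would add above it `/* A jail without its own vnet reads the same V_tcp_hostcache as the host; refuse the listing so entries for other jails and the host are not disclosed. */`. The check takes the credential from `curthread->td_ucred`; if the file's other sysctl handlers use `req->td->td_ucred`, matching them would be more consistent, though that cannot be seen from this hunk. Only the list handler is changed here, so it is worth confirming that any other hostcache sysctls that expose or modify the shared cache are restricted for the same callers. The function body starts and ends outside the hunk.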