D52105.1779226764.diff
No OneTemporary
Actions

Size

4 KB

Referenced Files

None

Subscribers

None

D52105.1779226764.diff
View Options

	diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
	--- a/sys/kern/kern_jail.c
	+++ b/sys/kern/kern_jail.c
	@@ -4729,23 +4729,43 @@
	prison_add_allow(const char prefix, const char name, const char *prefix_descr,
	const char *descr)
	{
	+ static const char fmt_allow_prefix_name[] = "allow.%s.%s";
	+ static const char fmt_allow_prefix_noname[] = "allow.%s.no%s";
	+ static const char fmt_allow_name[] = "allow.%s";
	+ static const char fmt_allow_noname[] = "allow.no%s";
	+ static const char fmt_prefix_name_allowed[] = "%s_%s_allowed";
	+ static const char fmt_name_allowed[] = "%s_allowed";
	struct bool_flags *bf;
	struct sysctl_oid *parent;
	char allow_name, allow_noname, *allowed;
	#ifndef NO_SYSCTL_DESCR
	+ static const char fmt_descr_deprecated[] = "%s (deprecated)";
	char *descr_deprecated;
	+ size_t descr_len;
	#endif
	+ size_t name_len;
	u_int allow_flag;

	- if (prefix
	- ? asprintf(&allow_name, M_PRISON, "allow.%s.%s", prefix, name)
	- < 0 \|\|
	- asprintf(&allow_noname, M_PRISON, "allow.%s.no%s", prefix, name)
	- < 0
	- : asprintf(&allow_name, M_PRISON, "allow.%s", name) < 0 \|\|
	- asprintf(&allow_noname, M_PRISON, "allow.no%s", name) < 0) {
	- free(allow_name, M_PRISON);
	- return 0;
	+ if (prefix) {
	+ name_len = strlen(prefix) + strlen(name);
	+ allow_name = malloc(sizeof(fmt_allow_prefix_name) + name_len,
	+ M_PRISON, M_WAITOK);
	+ (void)snprintf(allow_name, sizeof(fmt_allow_prefix_name)
	+ + name_len, fmt_allow_prefix_name, prefix, name);
	+ allow_noname = malloc(sizeof(fmt_allow_prefix_noname)
	+ + name_len, M_PRISON, M_WAITOK);
	+ (void)snprintf(allow_noname, sizeof(fmt_allow_prefix_noname)
	+ + name_len, fmt_allow_prefix_noname, prefix, name);
	+ } else {
	+ name_len = strlen(name);
	+ allow_name = malloc(sizeof(fmt_allow_name) + name_len,
	+ M_PRISON, M_WAITOK);
	+ (void)snprintf(allow_name, sizeof(fmt_allow_name) + name_len,
	+ fmt_allow_name, name);
	+ allow_noname = malloc(sizeof(fmt_allow_noname) + name_len,
	+ M_PRISON, M_WAITOK);
	+ (void)snprintf(allow_noname, sizeof(fmt_allow_noname)
	+ + name_len, fmt_allow_noname, name);
	}

	/*
	@@ -4809,22 +4829,35 @@
	(void)SYSCTL_ADD_PROC(NULL, SYSCTL_CHILDREN(parent), OID_AUTO,
	name, CTLTYPE_INT \| CTLFLAG_RW \| CTLFLAG_MPSAFE,
	NULL, 0, sysctl_jail_param, "B", descr);
	- if ((prefix
	- ? asprintf(&allowed, M_TEMP, "%s_%s_allowed", prefix, name)
	- : asprintf(&allowed, M_TEMP, "%s_allowed", name)) >= 0) {
	-#ifndef NO_SYSCTL_DESCR
	- (void)asprintf(&descr_deprecated, M_TEMP, "%s (deprecated)",
	- descr);
	-#endif
	- (void)SYSCTL_ADD_PROC(NULL,
	- SYSCTL_CHILDREN(&sysctl___security_jail), OID_AUTO, allowed,
	- CTLTYPE_INT \| CTLFLAG_RW \| CTLFLAG_MPSAFE, NULL, allow_flag,
	- sysctl_jail_default_allow, "I", descr_deprecated);
	-#ifndef NO_SYSCTL_DESCR
	- free(descr_deprecated, M_TEMP);
	-#endif
	- free(allowed, M_TEMP);
	+ if (prefix) {
	+ allowed = malloc(sizeof(fmt_prefix_name_allowed) + name_len,
	+ M_TEMP, M_WAITOK);
	+ (void)snprintf(allowed, sizeof(fmt_prefix_name_allowed)
	+ + name_len, fmt_prefix_name_allowed, prefix, name);
	+ } else {
	+ allowed = malloc(sizeof(fmt_name_allowed) + name_len,
	+ M_TEMP, M_WAITOK);
	+ (void)snprintf(allowed, sizeof(fmt_name_allowed) + name_len,
	+ fmt_name_allowed, name);
	}
	+#ifdef NO_SYSCTL_DESCR
	+ (void)SYSCTL_ADD_PROC(NULL,
	+ SYSCTL_CHILDREN(&sysctl___security_jail), OID_AUTO, allowed,
	+ CTLTYPE_INT \| CTLFLAG_RW \| CTLFLAG_MPSAFE, NULL, allow_flag,
	+ sysctl_jail_default_allow, "I", descr);
	+#else
	+ descr_len = strlen(descr);
	+ descr_deprecated = malloc(sizeof(fmt_descr_deprecated) + descr_len,
	+ M_TEMP, M_WAITOK);
	+ (void)snprintf(descr_deprecated, sizeof(fmt_descr_deprecated)
	+ + descr_len, fmt_descr_deprecated, descr);
	+ (void)SYSCTL_ADD_PROC(NULL,
	+ SYSCTL_CHILDREN(&sysctl___security_jail), OID_AUTO, allowed,
	+ CTLTYPE_INT \| CTLFLAG_RW \| CTLFLAG_MPSAFE, NULL, allow_flag,
	+ sysctl_jail_default_allow, "I", descr_deprecated);
	+ free(descr_deprecated, M_TEMP);
	+#endif
	+ free(allowed, M_TEMP);
	return allow_flag;

	no_add:

File Metadata

Mime Type: text/plain
Expires: Tue, May 19, 9:39 PM (28 m, 48 s)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 28750442
Default Alt Text: D52105.1779226764.diff (4 KB)

D52105.1779226764.diffNo OneTemporaryActions

D52105.1779226764.diffView Options

File Metadata

Event Timeline

D52105.1779226764.diff
No OneTemporary
Actions

D52105.1779226764.diff
View Options