diff options
| author | Jamie Gritton <jamie@FreeBSD.org> | 2015-01-28 21:08:09 +0000 |
|---|---|---|
| committer | Jamie Gritton <jamie@FreeBSD.org> | 2015-01-28 21:08:09 +0000 |
| commit | 464aad140717552ce0693cd33f6d9e5d3653287e (patch) | |
| tree | 8fb9bb7bfb5ce6fd9121894060e6bd8e6379ed85 /sys/fs | |
| parent | e946956c6c7d9cdf81f34d66fb0b0411fdf9b4b3 (diff) | |
| download | src-464aad140717552ce0693cd33f6d9e5d3653287e.tar.gz src-464aad140717552ce0693cd33f6d9e5d3653287e.zip | |
Add allow.mount.fdescfs jail flag.
PR: 192951
Submitted by: ruben@verweg.com
MFC after: 3 days
Notes
Notes:
svn path=/head/; revision=277855
Diffstat (limited to 'sys/fs')
| -rw-r--r-- | sys/fs/fdescfs/fdesc_vfsops.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/fs/fdescfs/fdesc_vfsops.c b/sys/fs/fdescfs/fdesc_vfsops.c index cb5e3c0d0a12..d3d8ce01ad2e 100644 --- a/sys/fs/fdescfs/fdesc_vfsops.c +++ b/sys/fs/fdescfs/fdesc_vfsops.c @@ -42,6 +42,7 @@ #include <sys/systm.h> #include <sys/filedesc.h> #include <sys/kernel.h> +#include <sys/jail.h> #include <sys/lock.h> #include <sys/mutex.h> #include <sys/malloc.h> @@ -78,8 +79,12 @@ fdesc_mount(struct mount *mp) { int error = 0; struct fdescmount *fmp; + struct thread *td = curthread; struct vnode *rvp; + if (!prison_allow(td->td_ucred, PR_ALLOW_MOUNT_FDESCFS)) + return (EPERM); + /* * Update is a no-op */ @@ -237,4 +242,4 @@ static struct vfsops fdesc_vfsops = { .vfs_unmount = fdesc_unmount, }; -VFS_SET(fdesc_vfsops, fdescfs, VFCF_SYNTHETIC); +VFS_SET(fdesc_vfsops, fdescfs, VFCF_SYNTHETIC | VFCF_JAIL); |