1/*-
2 * Copyright (c) 1982, 1986, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * This code is derived from software contributed to Berkeley by
6 * Mike Karels at Berkeley Software Design, Inc.
7 *
8 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD

--- 23 unchanged lines hidden (view full) ---

32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94
40 * $FreeBSD: head/sys/kern/kern_mib.c 87275 2001-12-03 16:12:27Z rwatson $
41 */
42
43#include "opt_global.h"
44#include "opt_posix.h"
45
46#include <sys/param.h>
47#include <sys/kernel.h>
48#include <sys/systm.h>
49#include <sys/sysctl.h>
50#include <sys/proc.h>
51#include <sys/lock.h>
52#include <sys/mutex.h>
53#include <sys/jail.h>
54#include <sys/smp.h>
55
56SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0,
57 "Sysctl internal magic");
58SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW, 0,
59 "High kernel, proc, limits &c");
60SYSCTL_NODE(, CTL_VM, vm, CTLFLAG_RW, 0,

--- 91 unchanged lines hidden (view full) ---

152 machine_arch, 0, "System architecture");
153
154char hostname[MAXHOSTNAMELEN];
155
156static int
157sysctl_hostname(SYSCTL_HANDLER_ARGS)
158{
159 struct prison *pr;
160 char tmphostname[MAXHOSTNAMELEN];
161 int error;
162
163 pr = req->td->td_proc->p_ucred->cr_prison;
164 if (pr != NULL) {
165 if (!jail_set_hostname_allowed && req->newptr)
166 return (EPERM);
167 /*
168 * Process is in jail, so make a local copy of jail
169 * hostname to get/set so we don't have to hold the jail
170 * mutex during the sysctl copyin/copyout activities.
171 */
172 mtx_lock(&pr->pr_mtx);
173 bcopy(pr->pr_host, tmphostname, MAXHOSTNAMELEN);
174 mtx_unlock(&pr->pr_mtx);
175
176 error = sysctl_handle_string(oidp, tmphostname,
177 sizeof pr->pr_host, req);
178
179 if (req->newptr != NULL && error == 0) {
180 /*
181 * Copy the locally set hostname to the jail, if
182 * appropriate.
183 */
184 mtx_lock(&pr->pr_mtx);
185 bcopy(tmphostname, pr->pr_host, MAXHOSTNAMELEN);
186 mtx_unlock(&pr->pr_mtx);
187 }
188 } else
189 error = sysctl_handle_string(oidp,
190 hostname, sizeof hostname, req);
191 return (error);
192}
193
194SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname,
195 CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_PRISON,

--- 15 unchanged lines hidden (view full) ---

211 int error, level;
212
213 pr = req->td->td_proc->p_ucred->cr_prison;
214
215 /*
216 * If the process is in jail, return the maximum of the global and
217 * local levels; otherwise, return the global level.
218 */
219 if (pr != NULL) {
220 mtx_lock(&pr->pr_mtx);
221 level = imax(securelevel, pr->pr_securelevel);
222 mtx_unlock(&pr->pr_mtx);
223 } else
224 level = securelevel;
225 error = sysctl_handle_int(oidp, &level, 0, req);
226 if (error || !req->newptr)
227 return (error);
228 /*
229 * Permit update only if the new securelevel exceeds the
230 * global level, and local level if any.
231 */
232 if (pr != NULL) {
233 mtx_lock(&pr->pr_mtx);
234 if (!regression_securelevel_nonmonotonic &&
235 (level < imax(securelevel, pr->pr_securelevel))) {
236 mtx_unlock(&pr->pr_mtx);
237 return (EPERM);
238 }
239 pr->pr_securelevel = level;
240 mtx_unlock(&pr->pr_mtx);
241 } else {
242 if (!regression_securelevel_nonmonotonic &&
243 (level < securelevel))
244 return (EPERM);
245 securelevel = level;
246 }
247 return (error);
248}

--- 79 unchanged lines hidden ---
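Review bot: In the jail branch of sysctl_hostname, the stack buffer `tmphostname` is bounded by the size of a different object: the call is `sysctl_handle_string(oidp, tmphostname, sizeof pr->pr_host, req)`, while both `bcopy` calls use `MAXHOSTNAMELEN`. struct prison is not shown on this page, so the sizes presumably agree today, but if `pr_host` were ever declared with another length, the copyin could write past `tmphostname` or a `bcopy` could run past `pr_host`. Passing `sizeof tmphostname` to the handler, plus a compile-time check that `sizeof pr->pr_host` equals `MAXHOSTNAMELEN`, would make the assumption explicit. Separately, in the securelevel handler (its opening lines are hidden) the global `securelevel` is compared and assigned with no lock visible here, since `pr_mtx` covers only the prison field. The monotonic check therefore depends on whatever serialises sysctl handlers elsewhere, and a comment such as `/* global securelevel is serialised by <lock>; pr_mtx protects only pr_securelevel */` would record that.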