1/*-
2 * Copyright (c) 1982, 1986, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * This code is derived from software contributed to Berkeley by
6 * Mike Karels at Berkeley Software Design, Inc.
7 *
8 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD
--- 23 unchanged lines hidden (view full) ---
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94
40 * $FreeBSD: head/sys/kern/kern_mib.c 87072 2001-11-28 21:22:05Z rwatson $
41 */
42
43#include "opt_global.h"
44#include "opt_posix.h"
45
46#include <sys/param.h>
47#include <sys/kernel.h>
48#include <sys/systm.h>
49#include <sys/sysctl.h>
50#include <sys/proc.h>
51#include <sys/jail.h>
52#include <sys/smp.h>
53
54SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0,
55 "Sysctl internal magic");
56SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW, 0,
57 "High kernel, proc, limits &c");
58SYSCTL_NODE(, CTL_VM, vm, CTLFLAG_RW, 0,
--- 91 unchanged lines hidden (view full) ---
150 machine_arch, 0, "System architecture");
151
152char hostname[MAXHOSTNAMELEN];
153
154static int
155sysctl_hostname(SYSCTL_HANDLER_ARGS)
156{
157 struct prison *pr;
158 int error;
159
160 pr = req->td->td_proc->p_ucred->cr_prison;
161 if (pr != NULL) {
162 if (!jail_set_hostname_allowed && req->newptr)
163 return (EPERM);
164 error = sysctl_handle_string(oidp, pr->pr_host,
165 sizeof pr->pr_host, req);
166 } else
167 error = sysctl_handle_string(oidp,
168 hostname, sizeof hostname, req);
169 return (error);
170}
171
172SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname,
173 CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_PRISON,
--- 15 unchanged lines hidden (view full) ---
189 int error, level;
190
191 pr = req->td->td_proc->p_ucred->cr_prison;
192
193 /*
194 * If the process is in jail, return the maximum of the global and
195 * local levels; otherwise, return the global level.
196 */
197 if (pr != NULL)
198 level = imax(securelevel, pr->pr_securelevel);
199 else
200 level = securelevel;
201 error = sysctl_handle_int(oidp, &level, 0, req);
202 if (error || !req->newptr)
203 return (error);
204 /*
205 * Permit update only if the new securelevel exceeds the
206 * global level, and local level if any.
207 */
208 if (pr != NULL) {
209 if (!regression_securelevel_nonmonotonic &&
210 (level < imax(securelevel, pr->pr_securelevel)))
211 return (EPERM);
212 pr->pr_securelevel = level;
213 } else {
214 if (!regression_securelevel_nonmonotonic &&
215 (level < securelevel))
216 return (EPERM);
217 securelevel = level;
218 }
219 return (error);
220}
--- 79 unchanged lines hidden ---
2 * Copyright (c) 1982, 1986, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * This code is derived from software contributed to Berkeley by
6 * Mike Karels at Berkeley Software Design, Inc.
7 *
8 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD
--- 23 unchanged lines hidden (view full) ---
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94
40 * $FreeBSD: head/sys/kern/kern_mib.c 87072 2001-11-28 21:22:05Z rwatson $
41 */
42
43#include "opt_global.h"
44#include "opt_posix.h"
45
46#include <sys/param.h>
47#include <sys/kernel.h>
48#include <sys/systm.h>
49#include <sys/sysctl.h>
50#include <sys/proc.h>
51#include <sys/jail.h>
52#include <sys/smp.h>
53
54SYSCTL_NODE(, 0, sysctl, CTLFLAG_RW, 0,
55 "Sysctl internal magic");
56SYSCTL_NODE(, CTL_KERN, kern, CTLFLAG_RW, 0,
57 "High kernel, proc, limits &c");
58SYSCTL_NODE(, CTL_VM, vm, CTLFLAG_RW, 0,
--- 91 unchanged lines hidden (view full) ---
150 machine_arch, 0, "System architecture");
151
152char hostname[MAXHOSTNAMELEN];
153
154static int
155sysctl_hostname(SYSCTL_HANDLER_ARGS)
156{
157 struct prison *pr;
158 int error;
159
160 pr = req->td->td_proc->p_ucred->cr_prison;
161 if (pr != NULL) {
162 if (!jail_set_hostname_allowed && req->newptr)
163 return (EPERM);
164 error = sysctl_handle_string(oidp, pr->pr_host,
165 sizeof pr->pr_host, req);
166 } else
167 error = sysctl_handle_string(oidp,
168 hostname, sizeof hostname, req);
169 return (error);
170}
171
172SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname,
173 CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_PRISON,
--- 15 unchanged lines hidden (view full) ---
189 int error, level;
190
191 pr = req->td->td_proc->p_ucred->cr_prison;
192
193 /*
194 * If the process is in jail, return the maximum of the global and
195 * local levels; otherwise, return the global level.
196 */
197 if (pr != NULL)
198 level = imax(securelevel, pr->pr_securelevel);
199 else
200 level = securelevel;
201 error = sysctl_handle_int(oidp, &level, 0, req);
202 if (error || !req->newptr)
203 return (error);
204 /*
205 * Permit update only if the new securelevel exceeds the
206 * global level, and local level if any.
207 */
208 if (pr != NULL) {
209 if (!regression_securelevel_nonmonotonic &&
210 (level < imax(securelevel, pr->pr_securelevel)))
211 return (EPERM);
212 pr->pr_securelevel = level;
213 } else {
214 if (!regression_securelevel_nonmonotonic &&
215 (level < securelevel))
216 return (EPERM);
217 securelevel = level;
218 }
219 return (error);
220}
--- 79 unchanged lines hidden ---