The sysctl kern.ipc.posix_shm_list isn't marked as jail-safe, which results in problems listing POSIX shared memory allocations from within a jail:

    # posixshmcontrol ls
    posixshmcontrol: cannot get kern.ipc.posix_shm_list length: Operation not permitted

while accessing them directly works, e.g.:

    # posixshmcontrol stat /xyz
    output as expected...

See also the jails mailing list: https://lists.freebsd.org/archives/freebsd-jail/2021-June/000029.html
@Jamie Any news on this one?
A bit of back-burner-itis - the ping brings it to the front though :-).
Created attachment 232080
Add CTLFLAG_PRISON to kern.ipc.posix_shm_list

Well that was embarrassingly easy. It turns out no changes to sysctl_posix_shm_list were necessary, as it already removes the out-of-prison listings. So I just need to add the one flag to the sysctl.
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=d7c4ea7d728e7480477eaedf79fac84e7d1aefde

commit d7c4ea7d728e7480477eaedf79fac84e7d1aefde
Author:     Jamie Gritton <jamie@FreeBSD.org>
AuthorDate: 2022-02-24 17:30:49 +0000
Commit:     Jamie Gritton <jamie@FreeBSD.org>
CommitDate: 2022-02-24 17:30:49 +0000

    posixshm: Allow jails to use kern.ipc.posix_shm_list

    PR:             257554
    Reported by:    grembo@

 sys/kern/uipc_shm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=803d7f4ccdca197a1b2fcb2c8ecc2e4bf18f15d0

commit 803d7f4ccdca197a1b2fcb2c8ecc2e4bf18f15d0
Author:     Jamie Gritton <jamie@FreeBSD.org>
AuthorDate: 2022-02-24 17:30:49 +0000
Commit:     Jamie Gritton <jamie@FreeBSD.org>
CommitDate: 2022-03-02 23:08:00 +0000

    posixshm: Allow jails to use kern.ipc.posix_shm_list

    PR:             257554
    Reported by:    grembo@

    (cherry picked from commit d7c4ea7d728e7480477eaedf79fac84e7d1aefde)

 sys/kern/uipc_shm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)