Bug 257554 - POSIX shared memory: Can't list allocations within jails
Summary: POSIX shared memory: Can't list allocations within jails
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 13.0-RELEASE
Hardware: Any Any
: --- Affects Only Me
Assignee: Jamie Gritton
URL:
Keywords:
Depends on:
Blocks: 257556
  Show dependency treegraph
 
Reported: 2021-08-02 09:50 UTC by Michael Gmelin
Modified: 2022-03-02 23:13 UTC (History)
2 users (show)

See Also:


Attachments
Add CTLFLAG_PRISON to kern.ipc.posix_shm_list (398 bytes, patch)
2022-02-24 17:28 UTC, Jamie Gritton
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Gmelin freebsd_committer freebsd_triage 2021-08-02 09:50:10 UTC
The sysctl kern.ipc.posix_shm_list isn't marked as jail-safe, which
results in problems listing POSIX shared memory allocations from
within a jail:

    # posixshmcontrol ls
    posixshmcontrol: cannot get kern.ipc.posix_shm_list length:
    Operation not permitted

while accessing them directly works, e.g.:

    # posixshmcontrol stat /xyz
    output as expected...

See also the jails mailing list:
https://lists.freebsd.org/archives/freebsd-jail/2021-June/000029.html
Comment 1 Michael Gmelin freebsd_committer freebsd_triage 2022-02-22 18:35:41 UTC
@Jamie Any news on this one?
Comment 2 Jamie Gritton freebsd_committer freebsd_triage 2022-02-23 01:41:21 UTC
A bit of back-burner-itis - the ping brings it to the front though :-).
Comment 3 Jamie Gritton freebsd_committer freebsd_triage 2022-02-24 17:28:54 UTC
Created attachment 232080 [details]
Add CTLFLAG_PRISON to kern.ipc.posix_shm_list

Well that was embarrassingly easy.  It turns out no changes to sysctl_posix_shm_list were necessary, as it already removes the out-of-prison listings.  So I just need to add the one flag to the sysctl.
Comment 4 commit-hook freebsd_committer freebsd_triage 2022-02-24 17:32:57 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=d7c4ea7d728e7480477eaedf79fac84e7d1aefde

commit d7c4ea7d728e7480477eaedf79fac84e7d1aefde
Author:     Jamie Gritton <jamie@FreeBSD.org>
AuthorDate: 2022-02-24 17:30:49 +0000
Commit:     Jamie Gritton <jamie@FreeBSD.org>
CommitDate: 2022-02-24 17:30:49 +0000

    posixshm: Allow jails to use kern.ipc.posix_shm_list
    PR:             257554
    Reported by:    grembo@

 sys/kern/uipc_shm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 5 commit-hook freebsd_committer freebsd_triage 2022-03-02 23:10:26 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=803d7f4ccdca197a1b2fcb2c8ecc2e4bf18f15d0

commit 803d7f4ccdca197a1b2fcb2c8ecc2e4bf18f15d0
Author:     Jamie Gritton <jamie@FreeBSD.org>
AuthorDate: 2022-02-24 17:30:49 +0000
Commit:     Jamie Gritton <jamie@FreeBSD.org>
CommitDate: 2022-03-02 23:08:00 +0000

    posixshm: Allow jails to use kern.ipc.posix_shm_list

    PR:             257554
    Reported by:    grembo@

    (cherry picked from commit d7c4ea7d728e7480477eaedf79fac84e7d1aefde)

 sys/kern/uipc_shm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)