svn commit: r255316 - head/sys/kern

Fri Sep 6 17:32:29 UTC 2013

Author: jamie
Date: Fri Sep  6 17:32:29 2013
New Revision: 255316
URL: http://svnweb.freebsd.org/changeset/base/255316

Log:
  Keep PRIV_KMEM_READ permitted inside jails as it is on the outside.

Modified:
  head/sys/kern/kern_jail.c

Modified: head/sys/kern/kern_jail.c
==============================================================================

--- head/sys/kern/kern_jail.c	Fri Sep  6 17:19:57 2013	(r255315)
+++ head/sys/kern/kern_jail.c	Fri Sep  6 17:32:29 2013	(r255316)
@@ -3885,6 +3885,13 @@ prison_priv_check(struct ucred *cred, in
 	case PRIV_VFS_SETGID:
 	case PRIV_VFS_STAT:
 	case PRIV_VFS_STICKYFILE:
+
+		/*
+		 * As in the non-jail case, non-root users are expected to be
+		 * able to read kernel/phyiscal memory (provided /dev/[k]mem
+		 * exists in the jail and they have permission to access it).
+		 */
+	case PRIV_KMEM_READ:
 		return (0);
 
 		/*
