summaryrefslogtreecommitdiff
path: root/sys/kern/sysv_sem.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/kern/sysv_sem.c')
-rw-r--r--sys/kern/sysv_sem.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/kern/sysv_sem.c b/sys/kern/sysv_sem.c
index 3d4fbdd2b771..f616f6eeb656 100644
--- a/sys/kern/sysv_sem.c
+++ b/sys/kern/sysv_sem.c
@@ -19,6 +19,7 @@
#include <sys/sysent.h>
#include <sys/sysctl.h>
#include <sys/malloc.h>
+#include <sys/jail.h>
static MALLOC_DEFINE(M_SEM, "sem", "SVID compatible semaphores");
@@ -201,6 +202,9 @@ semsys(p, uap)
} */ *uap;
{
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
if (uap->which >= sizeof(semcalls)/sizeof(semcalls[0]))
return (EINVAL);
return ((*semcalls[uap->which])(p, &uap->a2));
@@ -407,6 +411,9 @@ __semctl(p, uap)
printf("call to semctl(%d, %d, %d, 0x%x)\n", semid, semnum, cmd, arg);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
semid = IPCID_TO_IX(semid);
if (semid < 0 || semid >= seminfo.semmsl)
return(EINVAL);
@@ -567,6 +574,9 @@ semget(p, uap)
printf("semget(0x%x, %d, 0%o)\n", key, nsems, semflg);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
if (key != IPC_PRIVATE) {
for (semid = 0; semid < seminfo.semmni; semid++) {
if ((sema[semid].sem_perm.mode & SEM_ALLOC) &&
@@ -685,6 +695,9 @@ semop(p, uap)
printf("call to semop(%d, 0x%x, %d)\n", semid, sops, nsops);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
semid = IPCID_TO_IX(semid); /* Convert back to zero origin */
if (semid < 0 || semid >= seminfo.semmsl)
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 15:41:31 +0000