upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 00:32:25 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

jail: expose children.max and children.cur via sysctl

Browse source 
Submitted by:   Igor Ostapenko <igor.ostapenko_pm.me>
Differential Revision:  <https://reviews.freebsd.org/D43565>

(cherry picked from commit ab0841bdbe)
This commit is contained in:
Jamie Gritton 2024-10-13 16:45:58 -07:00
parent 5a2cd24c46
commit 16e1424d24
1 changed files with 29 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
sys/kern/kern_jail.c
View file

@ -4425,6 +4425,35 @@ SYSCTL_PROC(_security_jail, OID_AUTO, devfs_ruleset,
sysctl_jail_default_level, "I",
"Ruleset for the devfs filesystem in jail (deprecated)");
SYSCTL_NODE(_security_jail, OID_AUTO, children, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"Limits and stats of child jails");
static int
sysctl_jail_children(SYSCTL_HANDLER_ARGS)
{
struct prison *pr;
int i;
pr = req->td->td_ucred->cr_prison;
switch (oidp->oid_kind & CTLTYPE) {
case CTLTYPE_INT:
i = *(int *)((char *)pr + arg2);
return (SYSCTL_OUT(req, &i, sizeof(i)));
}
return (0);
}
SYSCTL_PROC(_security_jail_children, OID_AUTO, max,
CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE,
NULL, offsetof(struct prison, pr_childmax), sysctl_jail_children,
"I", "Maximum number of child jails");
SYSCTL_PROC(_security_jail_children, OID_AUTO, cur,
CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE,
NULL, offsetof(struct prison, pr_childcount), sysctl_jail_children,
"I", "Current number of child jails");
/*
* Nodes to describe jail parameters. Maximum length of string parameters
* is returned in the string itself, and the other parameters exist merely