D47842.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D47842.diff
View Options

	diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c
	--- a/sys/kern/kern_sysctl.c
	+++ b/sys/kern/kern_sysctl.c
	@@ -2516,8 +2516,9 @@
	size_t oldlenp, int inkernel, const void new, size_t newlen,
	size_t *retval, int flags)
	{
	- int error = 0, memlocked;
	struct sysctl_req req;
	+ int error = 0;
	+ bool memlocked;

	bzero(&req, sizeof req);

	@@ -2549,9 +2550,10 @@
	if (KTRPOINT(curthread, KTR_SYSCTL))
	ktrsysctl(name, namelen);
	#endif
	- memlocked = 0;
	- if (req.oldptr && req.oldlen > 4 * PAGE_SIZE) {
	- memlocked = 1;
	+ memlocked = false;
	+ if (priv_check(td, PRIV_SYSCTL_MEMLOCK) != 0 &&
	+ req.oldptr != NULL && req.oldlen > 4 * PAGE_SIZE) {
	+ memlocked = true;
	sx_xlock(&sysctlmemlock);
	}
	CURVNET_SET(TD_TO_VNET(td));
	diff --git a/sys/sys/priv.h b/sys/sys/priv.h
	--- a/sys/sys/priv.h
	+++ b/sys/sys/priv.h
	@@ -211,6 +211,7 @@
	#define PRIV_SYSCTL_DEBUG 240 /* Can invoke sysctl.debug. */
	#define PRIV_SYSCTL_WRITE 241 /* Can write sysctls. */
	#define PRIV_SYSCTL_WRITEJAIL 242 /* Can write sysctls, jail permitted. */
	+#define PRIV_SYSCTL_MEMLOCK 243 /* Large requests are not serialized. */

	/*
	* TTY privileges.