git: DragonFly_RELEASE_5_8 jail - Fix broken port matching code
Matthew Dillon
dillon at crater.dragonflybsd.org
Sun Feb 23 12:10:02 PST 2020
commit bd447d74c48cfef43050a6803efd1c02710e4b91
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Sun Feb 23 12:02:27 2020 -0800
jail - Fix broken port matching code
* in_pcblookup_local() and in_pcblookup_localremote() were trying to
use the cred to distinguish between jails, but these routines are used
to locate a free port for bindind purposes and could wind up returning
a lookup failure for an occupied port.
The code may have been present in an early isolation attempt for jails.
* Remove the code. Isolating the IPs for a jail basically requires using
IP aliases, not by trying to isolate port number sets between jails.
Summary of changes:
sys/netinet/in_pcb.c | 44 ++++++++++++++++----------------------------
1 file changed, 16 insertions(+), 28 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bd447d74c48cfef43050a6803efd1c02710e4b91
--
DragonFly BSD source repository
More information about the Commits
mailing list