summaryrefslogtreecommitdiffstats
path: root/sys/netinet6/udp6_usrreq.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netinet6/udp6_usrreq.c')
-rw-r--r--sys/netinet6/udp6_usrreq.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c
index 19a5199..6d233dd 100644
--- a/sys/netinet6/udp6_usrreq.c
+++ b/sys/netinet6/udp6_usrreq.c
@@ -71,6 +71,7 @@ __FBSDID("$FreeBSD$");
#include "opt_mac.h"
#include <sys/param.h>
+#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/mbuf.h>
@@ -860,6 +861,12 @@ udp6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
goto out;
}
in6_sin6_2_sin(&sin, sin6_p);
+ if (td && jailed(td->td_ucred))
+ if (prison_remote_ip4(td->td_ucred,
+ &sin.sin_addr) != 0) {
+ error = EAFNOSUPPORT;
+ goto out;
+ }
error = in_pcbconnect(inp, (struct sockaddr *)&sin,
td->td_ucred);
if (error == 0) {
@@ -874,6 +881,13 @@ udp6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
error = EISCONN;
goto out;
}
+ if (td && jailed(td->td_ucred)) {
+ struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
+ if (prison_remote_ip6(td->td_ucred, &sin6->sin6_addr) != 0) {
+ error = EAFNOSUPPORT;
+ goto out;
+ }
+ }
error = in6_pcbconnect(inp, nam, td->td_ucred);
if (error == 0) {
if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
OpenPOWER on IntegriCloud