| author | Zhenlei Huang <zlei@FreeBSD.org> | 2025-09-24 01:16:13 +0000 |
|---|---|---|
| committer | Zhenlei Huang <zlei@FreeBSD.org> | 2025-09-24 01:16:13 +0000 |
| commit | 33ceb31e256e386da5a42cc7ca2ef8d4b81b6eda (patch) | |
| tree | 6edee0ea4b756cb51ee384c867cdf8f645ca760f | |
| parent | 723445fdeee741750a9a3fbd116b540bf605d93a (diff) | |
tcp: Fix expiring and purging hostcache entries of vnet jails

A jailed process, `sysctl -j foo` or `jexec foo sysctl`, does not have
the privilege to write to non-vnet sysctls but only to those marked as jail
writable, aka sysctls marked with the CTLFLAG_VNET flag.

Without this change we will get EPERM when trying to expire and purge
hostcache entries of vnet jails via the net.inet.tcp.hostcache.purgenow
sysctl. Fix that by adding a CTLFLAG_VNET flag.

Reviewed by: tuexen, #transport, #network
Fixes: 264563806496 Add a new sysctl net.inet.tcp.hostcache.purgenow=1 to expire ...
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D52692
| -rw-r--r-- | sys/netinet/tcp_hostcache.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/netinet/tcp_hostcache.c b/sys/netinet/tcp_hostcache.c index dbc966acc56b..36a4f813d590 100644 --- a/sys/netinet/tcp_hostcache.c +++ b/sys/netinet/tcp_hostcache.c @@ -202,7 +202,7 @@ SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, histo, "Print a histogram of hostcache hashbucket utilization"); SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, purgenow, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, NULL, 0, sysctl_tcp_hc_purgenow, "I", "Immediately purge all entries"); |
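Review bot: The purgenow entry in the hunk at line 202 becomes writable by root inside a vnet jail once CTLFLAG_VNET is set, but the handler sysctl_tcp_hc_purgenow is not part of the diff, so the change should state (in the commit message or a comment above the SYSCTL_PROC) that the handler only touches the calling vnet's hostcache and never the host's or another jail's. The entry passes NULL, 0 as arg1/arg2, so the handler cannot be handed per-vnet state through the sysctl arguments and has to resolve it itself; that is worth confirming before the MFC. The description string "Immediately purge all entries" could also be tightened to say the purge is scoped to the current vnet, since a jail administrator reading it may otherwise assume a system-wide effect.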
