Date:      Sat, 4 Oct 2025 16:44:41 GMT
From:      Zhenlei Huang <zlei@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 4b92e54c9b5a - stable/13 - tcp: Fix expiring and purging hostcache entries of vnet jails
Message-ID:  <202510041644.594GifXK058330@gitrepo.freebsd.org>

The branch stable/13 has been updated by zlei:

URL: https://cgit.FreeBSD.org/src/commit/?id=4b92e54c9b5a531c12ac50add5da6eaf39b19380

commit 4b92e54c9b5a531c12ac50add5da6eaf39b19380
Author:     Zhenlei Huang <zlei@FreeBSD.org>
AuthorDate: 2025-09-24 01:16:13 +0000
Commit:     Zhenlei Huang <zlei@FreeBSD.org>
CommitDate: 2025-10-04 16:43:25 +0000

    tcp: Fix expiring and purging hostcache entries of vnet jails
    
    A jailed process, `sysctl -j foo` or `jexec foo sysctl`, does not have
    privilege to write to non-vnet sysctls but only to those marked as jail
    writable, aka those sysctls marked with the CTLFLAG_VNET flag.
    
    Without this change we will get EPERM when trying to expire and purge
    hostcache entries of vnet jails via the net.inet.tcp.hostcache.purgenow
    sysctl. Fix that by adding a CTLFLAG_VNET flag.
    
    Reviewed by:    tuexen, #transport, #network
    Fixes:  264563806496 Add a new sysctl net.inet.tcp.hostcache.purgenow=1 to expire ...
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D52692
    
    (cherry picked from commit 33ceb31e256e386da5a42cc7ca2ef8d4b81b6eda)
    (cherry picked from commit fa30199a3dbfe1d4994e7e4e63ad9c582c6f8a1a)
    (cherry picked from commit 79d114544fabd5a80198e925e4dc34f47a9f9e3a)
---
 sys/netinet/tcp_hostcache.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netinet/tcp_hostcache.c b/sys/netinet/tcp_hostcache.c
index d40b27a251f5..6e987fd4b521 100644
--- a/sys/netinet/tcp_hostcache.c
+++ b/sys/netinet/tcp_hostcache.c
@@ -174,7 +174,7 @@ SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, histo,
     "Print a histogram of hostcache hashbucket utilization");
 
 SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, purgenow,
-    CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+    CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
     NULL, 0, sysctl_tcp_hc_purgenow, "I",
     "Immediately purge all entries");
 
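Review bot: With CTLFLAG_VNET on the purgenow declaration, sysctl_tcp_hc_purgenow becomes writable by root inside a vnet jail, but the handler body is outside this hunk, so nothing visible here confirms that it expires and purges only the calling vnet's hostcache. Please confirm in the review that the handler operates solely on per-vnet state for the current vnet and never on a table shared with the host or other jails, since a jailed root can now trigger it at will. It would also help to make the description string "Immediately purge all entries" say that the purge is scoped to the current vnet, so that an administrator reading the sysctl description from inside a jail knows what is affected.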


