Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 31 Mar 2026 15:59:04 +0000
From:      Mark Johnston <markj@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 132d9d5df64d - stable/15 - sysctl: Avoid calling priv_check() unnecessarily
Message-ID:  <69cbef48.3a125.15dfaf32@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch stable/15 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=132d9d5df64d440467d5a20cf7082a761c80bb1e

commit 132d9d5df64d440467d5a20cf7082a761c80bb1e
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2026-02-21 16:16:32 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2026-03-31 15:57:29 +0000

    sysctl: Avoid calling priv_check() unnecessarily
    
    After commit 7d1d9cc440f80 we only serialize large sysctl requests for
    non-root users, but we should avoid calling priv_check() unless the
    request actually is large, as that's not the common case.  In
    particular, priv_check() might not be cheap to evaluate if MAC hooks are
    installed.
    
    Reviewed by:    olce, kib
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D55377
    
    (cherry picked from commit 0fa6ce255661acc984a45deaf2d710149b957ce6)
---
 sys/kern/kern_sysctl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c
index be0acb0a4a55..4adbd71fae24 100644
--- a/sys/kern/kern_sysctl.c
+++ b/sys/kern/kern_sysctl.c
@@ -2573,8 +2573,8 @@ userland_sysctl(struct thread *td, int *name, u_int namelen, void *old,
 		ktrsysctl(name, namelen);
 #endif
 	memlocked = false;
-	if (priv_check(td, PRIV_SYSCTL_MEMLOCK) != 0 &&
-	    req.oldptr != NULL && req.oldlen > 4 * PAGE_SIZE) {
+	if (req.oldptr != NULL && req.oldlen > 4 * PAGE_SIZE &&
+	    priv_check(td, PRIV_SYSCTL_MEMLOCK) != 0) {
 		memlocked = true;
 		sx_xlock(&sysctlmemlock);
 	}
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69cbef48.3a125.15dfaf32>