git: 1589eb2e8764 - main - jail: allow jails to call settimeofday() if allow.settime is enabled

The branch main has been updated by ivy:

URL: https://cgit.FreeBSD.org/src/commit/?id=1589eb2e8764623d1c32982b52088842519dfd11

commit 1589eb2e8764623d1c32982b52088842519dfd11
Author:     Lexi Winter <ivy@FreeBSD.org>
AuthorDate: 2025-04-20 19:15:54 +0000
Commit:     Lexi Winter <ivy@FreeBSD.org>
CommitDate: 2025-04-20 19:19:23 +0000

    jail: allow jails to call settimeofday() if allow.settime is enabled
    
    this extends the existing behaviour to allow calling settimeofday() in
    addition to clock_settime().  this is required for chrony, which uses
    settimeofday() to step the clock.
    
    Reviewed by:    jamie, oshogbo, kevans, des
    Approved by:    des (mentor), kevans (mentor)
    Differential Revision:  <https://reviews.freebsd.org/D49846>
---
 sys/kern/kern_jail.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 5dd07fbf77d1..b0b0fa50e648 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -4217,6 +4217,7 @@ prison_priv_check(struct ucred *cred, int priv)
 		 * Conditionally allow privileged process in the jail set
 		 * machine time.
 		 */
+	case PRIV_SETTIMEOFDAY:
 	case PRIV_CLOCK_SETTIME:
 		if (cred->cr_prison->pr_allow & PR_ALLOW_SETTIME)
 			return (0);