From nobody Sun Apr 20 19:20:02 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZgdcL6cCbz5tWlQ; Sun, 20 Apr 2025 19:20:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZgdcL4YH4z3Sn8; Sun, 20 Apr 2025 19:20:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1745176802; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VAhQC8P+Ljr3pxF518ThYr12qL35NlW/bS/bPvhJz48=; b=GAXSegTtrJIURbQlFfa15te23mZH82HoRiXO1l7J+L1pP8cGCif1lkFFCU9F2O17H+Qspj CLpZaVLNETrP0bFPjyXTTkeuRvryCDLHqU+htykHIgaXqUlba5KLdq41FiPB+FbcoT0Tcq tbL0cPbVEsco8ISdS4ukvmXYbs268AyjmWHKxgretpfk481PiI+AmroaOD/BB3ywnGvvU6 Xh/nJKqr/gY210N0NIj9ScYrmWjY1dMxf+unGWlWcs+vlSpxPHniM3wRxdwPOFp3DBY9hM 46ApcXJ4fuFF9JTsSLJls7FL0xnq4kkf73EZTOBfNN1Xn6ZtUmBC0ddZrW8Bow== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1745176802; a=rsa-sha256; cv=none; b=E47qNoV+Y1hOO7mqawEJroaGn/3FsWxFebxO1kWGSucU42EB/1HmIeKLkTmDCqWEkCVvc0 21w3h3wkUhX4Gu3I7Ke2xmbf8fAihAT2nsftl08RHE9RX9tE2JgN9538/lfntfsuiEL9kF Q7dR8dHImUDBJ2sw48tookzyacmlmVqojmfUoQpJmTK6nU5oOHLZp6n95dS8TDvQ7NwJ1/ Ul+9s03boii+OTEoIvrfUQiHDL+lhX7ayn6xh+ew9o5G5//qjg/7vVFaqUKNEl92pxkO6d PIBjTX8iOCOv/b+KJeFxz/g6YrS0Cqq1zKetBiOvnXZfFXTOph/M0lMUf4DB+Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1745176802; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VAhQC8P+Ljr3pxF518ThYr12qL35NlW/bS/bPvhJz48=; b=hdKjeffYq+Qj5rvtjkD+F8DT1HGAm0oaVI22DLyPFobtV754JbYI/nahBWwmGXY6G9oVG3 Nj9/ZPPPGTDYMNBpY0SaJaP+JxGa0DfyXDy1Fmcm3A5476KzMelFdDXrHgV932ybyx+Fys Wks9qyq9MOcLXbrQE8Etv0z+6P5Ggw+RhMbf062P+OtpTRmO2a+aGyVmkuF0pONZv2RCwb GfvVg0G14oOx0/oZpw0wgUvaBA/c+F3Y7NKKvbwKBjP0X4GCkmZN6p0c8WIto57SgyQ8BZ BWLMnvi53jgS0fTaTws6AtkCXlvgXRGhZkCbmr7N0LOUzfDjnU2Rp379v8ss/A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZgdcL2hrZz2T7; Sun, 20 Apr 2025 19:20:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 53KJK2RO007958; Sun, 20 Apr 2025 19:20:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 53KJK2op007953; Sun, 20 Apr 2025 19:20:02 GMT (envelope-from git) Date: Sun, 20 Apr 2025 19:20:02 GMT Message-Id: <202504201920.53KJK2op007953@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Lexi Winter Subject: git: 1589eb2e8764 - main - jail: allow jails to call settimeofday() if allow.settime is enabled List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ivy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1589eb2e8764623d1c32982b52088842519dfd11 Auto-Submitted: auto-generated The branch main has been updated by ivy: URL: https://cgit.FreeBSD.org/src/commit/?id=1589eb2e8764623d1c32982b52088842519dfd11 commit 1589eb2e8764623d1c32982b52088842519dfd11 Author: Lexi Winter AuthorDate: 2025-04-20 19:15:54 +0000 Commit: Lexi Winter CommitDate: 2025-04-20 19:19:23 +0000 jail: allow jails to call settimeofday() if allow.settime is enabled this extends the existing behaviour to allow calling settimeofday() in addition to clock_settime(). this is required for chrony, which uses settimeofday() to step the clock. Reviewed by: jamie, oshogbo, kevans, des Approved by: des (mentor), kevans (mentor) Differential Revision: --- sys/kern/kern_jail.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index 5dd07fbf77d1..b0b0fa50e648 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -4217,6 +4217,7 @@ prison_priv_check(struct ucred *cred, int priv) * Conditionally allow privileged process in the jail set * machine time. */ + case PRIV_SETTIMEOFDAY: case PRIV_CLOCK_SETTIME: if (cred->cr_prison->pr_allow & PR_ALLOW_SETTIME) return (0);