Page MenuHomeFreeBSD
Differential D49846

jail: allow jails to call settimeofday() if allow.settime is enabled
ClosedPublic
Actions

Authored by ivy on Apr 15 2025, 6:01 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sep 15 2025, 11:15 PM
Unknown Object (File)
Sep 15 2025, 8:57 PM
Unknown Object (File)
Aug 27 2025, 2:36 AM
Unknown Object (File)
Aug 24 2025, 7:23 PM
Unknown Object (File)
Aug 23 2025, 4:08 AM
Unknown Object (File)
Aug 18 2025, 1:39 AM
Unknown Object (File)
Aug 14 2025, 11:19 PM
Unknown Object (File)
Jul 28 2025, 12:26 AM
View All 37 Files
Subscribers
guest-patmaddox
imp
olce

Details

Reviewers
jamie
oshogbo
kevans
des
Group Reviewers
Jails
Summary

this extends the existing behaviour to allow calling settimeofday() in
addition to clock_settime(). this is required for chrony, which uses
settimeofday() to step the clock.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 63527
Build 60411: arc lint + arc unit

Event Timeline

ivy created this revision.Apr 15 2025, 6:01 PM
Herald added subscribers: olce, imp. · View Herald TranscriptApr 15 2025, 6:01 PM
ivy requested review of this revision.Apr 15 2025, 6:01 PM
Harbormaster completed remote builds in B63527: Diff 153699.Apr 15 2025, 6:01 PM
ivy added a parent revision: D49845: rc.subr: add 'settime' to svcj options.Apr 15 2025, 6:01 PM
ivy removed a reviewer: network.Apr 15 2025, 6:02 PM
ivy mentioned this in D49845: rc.subr: add 'settime' to svcj options.Apr 15 2025, 7:06 PM
guest-patmaddox added a subscriber: guest-patmaddox.Apr 15 2025, 9:12 PM
jamie accepted this revision.Apr 16 2025, 7:46 PM
jamie added a reviewer: oshogbo.

It looks very basic, and is good by me. But I'm inviting Mariusz to make sure he didn't have a particular reason not to include PRIV_SETTIMEOFDAY when he added PRIV_CLOCK_SETTIME.

This revision is now accepted and ready to land.Apr 16 2025, 7:46 PM
imp added a comment.Apr 18 2025, 2:48 AM

Seems reasonable to me. Setting the time is setting the time. They both call settime() in kern_time.c under the covers. Not even sure why they are separate privs, unless the slight difference in only being able to set one of the clocks matters. But since there are two privs, this seems fine given the jail permission granularity.

ivy added reviewers: kevans, des.Apr 19 2025, 5:22 AM

adding kevans, des (mentors) to review. i am ready to land this but i will wait for Mariusz input first.

des accepted this revision.Apr 19 2025, 10:14 AM
oshogbo accepted this revision.Apr 19 2025, 12:53 PM

I have missed this one. I simply looked into syscalls from ntpd.

kevans accepted this revision.Apr 20 2025, 3:33 PM
ivy closed this revision.Apr 20 2025, 7:50 PM

closing this manually as it was committed as 1589eb2e8764623d1c32982b52088842519dfd11. i think phab missed this because i put <> around the Differential Revision tag in the commit message, which i'll stop doing.

des added a comment.Apr 21 2025, 5:23 PM
In D49846#1138487, @ivy wrote:

i think phab missed this because i put <> around the Differential Revision tag in the commit message, which i'll stop doing.

You really should install freebsd-git-devtools and use git arc stage to prepare commits from phab reviews.

ivy added a comment.EditedApr 23 2025, 2:25 AM

i'm actually using that for create/update but i completely forgot about the stage command, i will go rtfm on that now.

Revision Contents
Changeset List

PathSize
sys/
kern/
1 line

Diff 153699

View Options

sys/kern/kern_jail.c

Loading...