HomeFreeBSD

inpcb: Allow SO_REUSEPORT_LB to be used in jails

Description

inpcb: Allow SO_REUSEPORT_LB to be used in jails

Currently SO_REUSEPORT_LB silently does nothing when set by a jailed
process. It is trivial to support this option in VNET jails, but it's
also useful in traditional jails.

This patch enables LB groups in jails with the following semantics:

  • all PCBs in a group must belong to the same jail,
  • PCB lookup prefers jailed groups to non-jailed groups

This is a straightforward extension of the semantics used for individual
listening sockets. One pre-existing quirk of the lbgroup implementation
is that non-jailed lbgroups are searched before jailed listening
sockets; that is preserved with this change.

Discussed with: glebius
MFC after: 1 month
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D37029

(cherry picked from commit d93ec8cb1324d04d7cae19fb7fa98ade2ff33c80)

Details

Provenance
markjAuthored on Nov 2 2022, 5:08 PM
Differential Revision
D37029: inpcb: Allow SO_REUSEPORT_LB to be used in jails
Parents
rG0ea32f0e8376: inpcb: Remove a PCB from its LB group upon a subsequent error
Branches
Unknown
Tags
Unknown