On Mon, Jun 23, 2025 at 04:14:22PM +0300, Vitaliy Makkoveev wrote:
> Read-only access from sysctl(2) interface.

Maybe IPCTL_MRTPROTO is a leftover from routing daemon support in
kernel that was deleted.  As we might revive that code from attic
some day, let's keep that sysctl.  I remember fixing something in
netstat for the IPv6 case.

Your unlocking code is correct.  Could you add a [I] comment in
ip_mroute.c?

OK bluhm@

> Index: sys/netinet/ip_input.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet/ip_input.c,v
> diff -u -p -r1.411 ip_input.c
> --- sys/netinet/ip_input.c	23 Jun 2025 09:16:32 -0000	1.411
> +++ sys/netinet/ip_input.c	23 Jun 2025 13:12:21 -0000
> @@ -116,12 +116,12 @@ const struct sysctl_bounded_args ipctl_v
>  	{ IPCTL_FORWARDING, &ip_forwarding, 0, 2 },
>  	{ IPCTL_SENDREDIRECTS, &ip_sendredirects, 0, 1 },
>  	{ IPCTL_DIRECTEDBCAST, &ip_directedbcast, 0, 1 },
> -};
> -
> -const struct sysctl_bounded_args ipctl_vars[] = {
>  #ifdef MROUTING
>  	{ IPCTL_MRTPROTO, &ip_mrtproto, SYSCTL_INT_READONLY },
>  #endif
> +};
> +
> +const struct sysctl_bounded_args ipctl_vars[] = {
>  	{ IPCTL_DEFTTL, &ip_defttl, 0, 255 },
>  	{ IPCTL_IPPORT_FIRSTAUTO, &ipport_firstauto, 0, 65535 },
>  	{ IPCTL_IPPORT_LASTAUTO, &ipport_lastauto, 0, 65535 },
> @@ -1830,6 +1830,9 @@ ip_sysctl(int *name, u_int namelen, void
>  	case IPCTL_FORWARDING:
>  	case IPCTL_SENDREDIRECTS:
>  	case IPCTL_DIRECTEDBCAST:
> +#ifdef MROUTING
> +	case IPCTL_MRTPROTO:
> +#endif
>  		return (sysctl_bounded_arr(
>  		    ipctl_vars_unlocked, nitems(ipctl_vars_unlocked),
>  		    name, namelen, oldp, oldlenp, newp, newlen));